www.insauga.com Open in urlscan Pro
2606:4700:20::681a:a5c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Submission: On January 07 via manual (January 7th 2024, 6:29:27 am UTC) from US — Scanned from DE

Summary HTTP 421 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 67 IPs in 6 countries across 44 domains to perform 421 HTTP transactions. The main IP is 2606:4700:20::681a:a5c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.insauga.com. The Cisco Umbrella rank of the primary domain is 780224.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2023. Valid for: a year.

This is the only time www.insauga.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	2606:4700:20:... 2606:4700:20::681a:a5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.27.80 13.32.27.80	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
22	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:15ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 6	108.138.26.76 108.138.26.76	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:829::2016	15169 (GOOGLE) (GOOGLE)
1	151.101.1.26 151.101.1.26	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:9a00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	3.120.45.29 3.120.45.29	16509 (AMAZON-02) (AMAZON-02)
24	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	34.160.152.31 34.160.152.31	15169 (GOOGLE) (GOOGLE)
7	23.35.229.181 23.35.229.181	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.111.152.239 34.111.152.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:264... 2600:9000:2644:200:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:214... 2600:9000:214f:dc00:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	18.66.97.101 18.66.97.101	16509 (AMAZON-02) (AMAZON-02)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
8	54.87.72.75 54.87.72.75	14618 (AMAZON-AES) (AMAZON-AES)
2	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
7	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2600:9000:215... 2600:9000:2156:aa00:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	34.206.99.162 34.206.99.162	14618 (AMAZON-AES) (AMAZON-AES)
1	18.245.60.23 18.245.60.23	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.128 99.86.4.128	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	23.67.137.210 23.67.137.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::ac43:246e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
1	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.193.236.213 18.193.236.213	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
1	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.90 13.32.121.90	16509 (AMAZON-02) (AMAZON-02)
1	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.158.251.159 35.158.251.159	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:de00:1a:ba5c:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4008:805::2003	15169 (GOOGLE) (GOOGLE)
1	18.245.60.76 18.245.60.76	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:e8a... 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4	14618 (AMAZON-AES) (AMAZON-AES)
82	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	35.244.193.51 35.244.193.51	15169 (GOOGLE) (GOOGLE)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
10 20	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
40	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	() ()
20	2a00:1450:400... 2a00:1450:4001:829::2003	() ()
421	67

45 2606:4700:20::681a:a5c (United States)

ASN13335 (CLOUDFLARENET, US)

www.insauga.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-80.fra56.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:15ce (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.26.76 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-76.fra56.r.cloudfront.net

embed.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embedcdn.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.26 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:9a00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.45.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-45-29.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.152.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 31.152.160.34.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com

optimise.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:200:9:46dc:4700:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:dc00:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.66.97.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-101.fra56.r.cloudfront.net

d29xw9s9x32j3w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.87.72.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-72-75.compute-1.amazonaws.com

s2l.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:aa00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.99.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-99-162.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-23.fra60.r.cloudfront.net

player.sendtonews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.67.137.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-137-210.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.236.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-236-213.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-90.fra60.r.cloudfront.net

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.251.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-251-159.eu-central-1.compute.amazonaws.com

api.cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:de00:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4008:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-76.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

82 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 10 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (None, )

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:829::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	10 MB
45	gstatic.com fonts.gstatic.com csi.gstatic.com www.gstatic.com	677 KB
45	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115 imasdk.googleapis.com — Cisco Umbrella Rank: 639 jnn-pa.googleapis.com — Cisco Umbrella Rank: 306	772 KB
45	insauga.com www.insauga.com — Cisco Umbrella Rank: 780224	2 MB
34	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 pubads.g.doubleclick.net — Cisco Umbrella Rank: 357 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 static.doubleclick.net — Cisco Umbrella Rank: 371	172 KB
22	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3594 ka-p.fontawesome.com — Cisco Umbrella Rank: 6234	32 KB
20	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 104	1 MB
15	sendtonews.com 1 redirects embed.sendtonews.com — Cisco Umbrella Rank: 19273 embedcdn.sendtonews.com — Cisco Umbrella Rank: 22328 s2l.sendtonews.com — Cisco Umbrella Rank: 19393 player.sendtonews.com — Cisco Umbrella Rank: 24073	404 KB
13	cloudfront.net d29xw9s9x32j3w.cloudfront.net	2 MB
13	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2247 widget-pixels.outbrain.com — Cisco Umbrella Rank: 4787 mv.outbrain.com — Cisco Umbrella Rank: 2838 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 7781	161 KB
11	google.com www.google.com — Cisco Umbrella Rank: 6	195 KB
10	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 193	20 KB
8	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 11742 log.outbrainimg.com — Cisco Umbrella Rank: 3121 images.outbrainimg.com — Cisco Umbrella Rank: 3128	824 KB
7	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 4373 api.cmp.inmobi.com — Cisco Umbrella Rank: 12752	204 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
7	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 5889 buttons-config.sharethis.com — Cisco Umbrella Rank: 6580 l.sharethis.com — Cisco Umbrella Rank: 6152 platform-cdn.sharethis.com — Cisco Umbrella Rank: 12065	51 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 359 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925 aax.amazon-adsystem.com — Cisco Umbrella Rank: 464	76 KB
4	rubiconproject.com prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1222 eus.rubiconproject.com — Cisco Umbrella Rank: 951 token.rubiconproject.com	15 KB
3	defybrick.com rock.defybrick.com — Cisco Umbrella Rank: 11844 flint.defybrick.com — Cisco Umbrella Rank: 9985	20 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 2163 a.ad.gt — Cisco Umbrella Rank: 2414	5 KB
3	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1919 lexicon.33across.com — Cisco Umbrella Rank: 2501	5 KB
3	pub.network a.pub.network — Cisco Umbrella Rank: 7078 d.pub.network — Cisco Umbrella Rank: 7325	26 KB
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 1418	205 B
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140	14 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	25 KB
2	optimise.net optimise.net — Cisco Umbrella Rank: 8134	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	157 KB
2	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4237	71 KB
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 274	301 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 356	1 KB
1	undertone.com hb.undertone.com — Cisco Umbrella Rank: 5043	520 B
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 757	541 B
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 991	543 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766	113 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2313	10 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623	17 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4002	408 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	17 KB
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 8684	231 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 594	422 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1474	351 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 1067	12 KB
1	quantcast.com 1 redirects cmp.quantcast.com — Cisco Umbrella Rank: 4731	590 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 2111	617 B
421	44

	Domain	Requested by
82	www.youtube.com	www.insauga.com www.youtube.com
45	www.insauga.com	www.insauga.com
40	jnn-pa.googleapis.com	www.youtube.com
24	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
21	ka-p.fontawesome.com	kit.fontawesome.com www.insauga.com
20	www.gstatic.com	www.youtube.com www.gstatic.com
20	googleads.g.doubleclick.net	10 redirects www.youtube.com
20	i.ytimg.com	www.insauga.com www.youtube.com
13	d29xw9s9x32j3w.cloudfront.net	www.insauga.com embed.sendtonews.com
11	www.google.com	www.insauga.com www.youtube.com
10	yt3.ggpht.com	www.youtube.com
10	static.doubleclick.net	www.youtube.com
8	s2l.sendtonews.com	embed.sendtonews.com
6	images.outbrainimg.com	www.insauga.com
6	mcdp-nydc1.outbrain.com	widgets.outbrain.com
6	cmp.inmobi.com	www.insauga.com cmp.quantcast.com cmp.inmobi.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.insauga.com
5	embed.sendtonews.com	1 redirects www.insauga.com embed.sendtonews.com
4	platform-cdn.sharethis.com	www.insauga.com
4	widgets.outbrain.com	www.insauga.com widgets.outbrain.com
3	c.amazon-adsystem.com	embed.sendtonews.com c.amazon-adsystem.com
3	fonts.googleapis.com	www.insauga.com embed.sendtonews.com
2	eus.rubiconproject.com	embed.sendtonews.com eus.rubiconproject.com
2	lexicon.33across.com	embed.sendtonews.com cdn-ima.33across.com
2	flint.defybrick.com	rock.defybrick.com www.insauga.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	targeting.unrulymedia.com	embed.sendtonews.com
2	pagead2.googlesyndication.com	imasdk.googleapis.com
2	region1.google-analytics.com	www.googletagmanager.com
2	mv.outbrain.com	widgets.outbrain.com
2	imasdk.googleapis.com	embed.sendtonews.com imasdk.googleapis.com
2	cdnjs.cloudflare.com	embed.sendtonews.com
2	optimise.net	a.pub.network
2	www.googletagmanager.com	www.insauga.com www.googletagmanager.com
2	cdn.onesignal.com	www.insauga.com cdn.onesignal.com
2	securepubads.g.doubleclick.net	www.insauga.com securepubads.g.doubleclick.net
2	a.pub.network	www.insauga.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	sb.scorecardresearch.com	www.insauga.com
1	csi.gstatic.com	imasdk.googleapis.com
1	rock.defybrick.com	widgets.outbrain.com
1	a.ad.gt	cdn.hadronid.net
1	api.cmp.inmobi.com	cmp.inmobi.com
1	ib.adnxs.com	embed.sendtonews.com
1	hb.undertone.com	embed.sendtonews.com
1	htlb.casalemedia.com	embed.sendtonews.com
1	prebid-server.rubiconproject.com	embed.sendtonews.com
1	tlx.3lift.com	embed.sendtonews.com
1	hbopenbid.pubmatic.com	embed.sendtonews.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.hadronid.net	www.insauga.com
1	secure.cdn.fastclick.net	www.insauga.com
1	www.google.de	www.insauga.com
1	pubads.g.doubleclick.net	embed.sendtonews.com
1	s0.2mdn.net	imasdk.googleapis.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	player.sendtonews.com	embed.sendtonews.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	match.adsrvr.org	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	log.outbrainimg.com	widgets.outbrain.com
1	cdn-ima.33across.com	embed.sendtonews.com
1	js-sec.indexww.com	embed.sendtonews.com
1	cmp.quantcast.com	1 redirects
1	widget-pixels.outbrain.com	www.insauga.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	d.pub.network	www.insauga.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	polyfill.io	www.insauga.com
1	embedcdn.sendtonews.com	www.insauga.com
1	kit.fontawesome.com	www.insauga.com
1	platform-api.sharethis.com	www.insauga.com
421	74

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
vimeo.com
www.facebook.com
twitter.com
www.youtube.com
www.tiktok.com
insauga.com
www.inthehammer.com
www.inhalton.com
www.outbrain.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
polyfill.io Certainly Intermediate R1	`2023-12-22` - `2024-01-21`	a month	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sendtonews.com Amazon RSA 2048 M02	`2023-10-22` - `2024-11-19`	a year	crt.sh
d.pub.network GTS CA 1D4	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-03` - `2025-01-03`	a year	crt.sh
optimise.net GTS CA 1D4	`2023-11-19` - `2024-02-17`	3 months	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.sendtonews.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
rkdms.com Amazon RSA 2048 M03	`2023-10-04` - `2024-11-01`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.undertone.com Amazon RSA 2048 M02	`2023-08-03` - `2024-08-30`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
a.ad.gt E1	`2023-12-12` - `2024-03-11`	3 months	crt.sh
rock.defybrick.com Amazon RSA 2048 M01	`2023-04-09` - `2024-05-08`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-11-27` - `2024-02-25`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Frame ID: AB32E29B83C0A3DD6FD33D1FD668C5D0
Requests: 183 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: 1CCF42D8AF71B346AE087425D6747C76
Requests: 21 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: C977C20AC7592451B157B0D58F9791A9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 12BFEE9BECCB81BBFDF3D2A8A2D72F11
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/e7dE4wZiAog?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=1
Frame ID: 0D00C5B372B456EED84A07A7E0D2746B
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/qVgGLBgMibU?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=2
Frame ID: 6530D4678CA12FCAFE4687DE19412732
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_GhgvEVwQFw?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=3
Frame ID: 1B11C39443EEC57393A597BC38BA336D
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/uv9tbSmc4aI?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=4
Frame ID: 09D69E1CCF63D5A8EAEAAA636DA71681
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/whL-tvhea6I?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=5
Frame ID: DADE3A84FC5A6FBF38F3DC13AA2ECFDC
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/PHb8bItodN0?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=6
Frame ID: 762E20365E4E54A7918CD68B6F3DF1D0
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/iqm4_aXBcFc?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=7
Frame ID: 6E5E97A4DE57AA7A5E6749706B64C178
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9nuXFoJmz14?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=8
Frame ID: 61F8A3129BA006B5B39B823B935B72D0
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/XFOSnPuRx40?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=9
Frame ID: 0EE54825E5F039B1EF745E5BA62FA11E
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/D0C0om1CEB4?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&feature=shared&widgetid=10
Frame ID: 514A65047B64CDB8B3C4E8C5FBF1B4B9
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: CF951634BEDA460DD7F15D2A94980FFE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New package delivery scam hits Ontario | insauga

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

421
Requests

97 %
HTTPS

49 %
IPv6

44
Domains

74
Subdomains

67
IPs

6
Countries

18676 kB
Transfer

49489 kB
Size

14
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/insauga/
Title: instagram

Search URL Search Domain Scan URL

URL: https://vimeo.com/insauga
Title: vimeo-v

Search URL Search Domain Scan URL

URL: https://www.facebook.com/insauga
Title: facebook-f

Search URL Search Domain Scan URL

URL: https://twitter.com/insauga
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UClbB81tMIIeAYfDU4EkrdDQ
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@insauga
Title: tiktok

Search URL Search Domain Scan URL

URL: https://insauga.com/all-regions/
Title: Cities

Search URL Search Domain Scan URL

URL: https://www.inthehammer.com/
Title: Hamilton

Search URL Search Domain Scan URL

URL: https://www.inhalton.com/
Title: Halton

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://embed.sendtonews.com/player3/embedcode.js?fk=dDWgnTNM&cid=13951&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right HTTP 302
https://embedcdn.sendtonews.com/easy-stn-player/7.29.5-A/embed.js

Request Chain 73

https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/insauga.com/choice.js?tag_version=V2 HTTP 301
https://cmp.inmobi.com/choice/wZt3yQfgdwnz-/insauga.com/choice.js?tag_version=V2

Request Chain 278

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 280

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 282

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 284

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 286

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 289

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 291

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 293

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 302

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 311

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

421 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.insauga.com/new-package-delivery-scam-hits-ontario/ 120 KB
24 KB 359ms
252ms Document
text/html 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ed9fdec151d0a5cf34aaf03c954f151076c478014e356401ee6b5b99ae6632e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-apo-via: origin,page-rules
cf-cache-status: BYPASS
cf-ray: 841a2526cdde9a3f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 07 Jan 2024 06:29:13 GMT
link: <https://www.insauga.com/wp-json/>; rel="https://api.w.org/", <https://www.insauga.com/wp-json/wp/v2/posts/589944>; rel="alternate"; type="application/json", <https://www.insauga.com/?p=589944>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsB%2Bf5phVGKKcFibkd81qIArXpT01Z8zcM8xNl6KexbzrAvZ1KM51XJ814PM3JSc%2Bf616fkdkHxjqLhuB7%2Ft52Up0urY4R%2FqGpf5tgKFxt9DvGE15c%2BF9Ux1rv9YlaK85L%2F5kRAcnkYbqAYmZg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed

GET
H2 200 swiper.min.css
www.insauga.com/wp-content/plugins/wp-tiktok-feed/assets/frontend/swiper/ 15 KB
4 KB 250ms
241ms Stylesheet
text/css 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/wp-tiktok-feed/assets/frontend/swiper/swiper.min.css?ver=4.2.5
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf1e690b97fd97ddea7a60ef92058c356b1987ea28d6d9c9b397012ab712a297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 17 Oct 2023 15:40:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYp1n656S2T4Zdey%2F3hFTB8kJ7kgAlhKxxPDUAgKyCzlHTFL6OOo60w10XZUonaRKiO%2BQEOj1tJnZctByDnbYXV8Ap%2FNJtJbxMtx%2FwIG7XSinmCRxHSeGbjJIwBgABNsu8jZ2JFbXplw6mnkIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a25286e7a9a3f-FRA
expires: Sun, 14 Jan 2024 06:29:13 GMT

GET
H2 200 style.css
www.insauga.com/wp-content/plugins/wp-tiktok-feed/build/frontend/css/ 53 KB
17 KB 254ms
246ms Stylesheet
text/css 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/wp-tiktok-feed/build/frontend/css/style.css?ver=4.2.5
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b920c3cc475810e74ee3a99f0282715622f04cf65bceed1717a988cf43702b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 17 Oct 2023 15:40:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fR2ItzlFGvO6hF5GTpHMeizy8ZOmaQtCWjUzmVXOGW1%2BH8Yg3po%2Bx%2Fpqn%2Fu51XyZADoo1M4g31cFMd0OKGyeq8tWmq8QG37R712YdrzA%2B6VaAlH4N8AQXYyQCjNwtQpZHyCmkTs4i2W6EA5Qdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a25286e7c9a3f-FRA
expires: Thu, 11 Jan 2024 03:08:20 GMT

GET
H2 200 swipebox.min.css
www.insauga.com/wp-content/plugins/responsive-lightbox/assets/swipebox/ 4 KB
1 KB 251ms
243ms Stylesheet
text/css 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.3.2
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8348fe66b515449f719cb7b8278e1c84009bdaa96e18981641bc1e77d9e4cf1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 22 Aug 2021 20:40:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5Cs6FROW6Etwad9y9NBYlN0IgSidWtD9%2Fx42OB%2FciEXwRcEG2oODSB%2BUSzp0E1juPuwGrCdhoShp0%2ByDwSTdiSh1WlsWHBkXsqWeoQlcuuZ9MdOObyK%2Bn3Xu6FBms8Pf7qQvtG2K%2BtfKDJa7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a25286e7e9a3f-FRA
expires: Sun, 14 Jan 2024 06:29:13 GMT

GET
H2 200 mu-style.css
www.insauga.com/wp-content/plugins/sharethis-share-buttons/css/ 26 B
354 B 249ms
241ms Stylesheet
text/css 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=6.3.2
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f85e538e44687fc0feaa2f66a67831ec9f9b03446f115dec74b996da4a0a4a52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 23 Aug 2021 18:07:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJ4JFA6cQbXbQWUj4AZsiIQ0r4FcEaeyIMYdC4fAsiyBfiNfLJtAPdsUH2ug%2FbY7aKOonl1XFv8sKkUPZ4ZkUBOMX%2Fp2N82snoLTm5F0%2FT%2Bu08%2B2pnIHVCFRI7W77FOsUCHERgSh%2FWKzyQVskw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 841a25286e809a3f-FRA
content-length: 26
expires: Sun, 14 Jan 2024 06:29:13 GMT

GET
H2 200 newsletter-styles.css
www.insauga.com/wp-content/plugins/insauga-daily-newsletter/assets/styles/ 8 KB
2 KB 251ms
244ms Stylesheet
text/css 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/insauga-daily-newsletter/assets/styles/newsletter-styles.css?ver=1.4
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5616ba10b6985a97fcf56a9b3cca7f01d770529844cedcd84c07a2d46468fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Mar 2023 14:28:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oJiW8AkyLy33gAxyK4Flzt1A2TKaOo0qz2UKeMsfevzks%2BdF9qWik%2F%2BsTPtB8h8IsNncTk0qTRpWNF9lncmNukXPy8B%2BiFDWzcfls%2FZTvK0HxEWWhrlfrMmdML81wBFQNfl%2B9zdCNp50lo38w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a25286e829a3f-FRA
expires: Sun, 14 Jan 2024 06:29:13 GMT

GET
H2 200 main.css
www.insauga.com/wp-content/themes/insauga/assets/dist/ 307 KB
41 KB 252ms
245ms Stylesheet
text/css 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/themes/insauga/assets/dist/main.css?ver=543d46f5
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55f1445bd860594cc315e2347cf2b25f66b4939c396afd0db5f3b2973ecc1da2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 05 Dec 2023 15:38:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGwjk%2BoySHZvkLX%2BJzrgoxPGfAOo3GHkJ7iD4ACawoXAfYCBGMK%2F0FZQ11tg%2BJNt1ZSzNKzOmLzQSV9hto9pwl%2FITqkAbjaXp8GgJIWphFtOcjQQQyzDVw6DpnRGiyMTjke%2BUGImz9DoLH1KIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a25286e859a3f-FRA
expires: Thu, 11 Jan 2024 03:08:24 GMT

GET
H2 200 single.css
www.insauga.com/wp-content/themes/insauga/assets/dist/pages/ 2 KB
1 KB 249ms
242ms Stylesheet
text/css 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/themes/insauga/assets/dist/pages/single.css?ver=66497db1
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e1029c010bf3ffffddf8526d41c53a774fc89bc5c35fe0a83a43ae5432b499d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 05 Dec 2023 15:38:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CWTpMvSk14sYoz4EjMBvhvnM%2BOUU2mPUNi7CgiHffgIr%2FN7fTRK1RPk3%2FHhKe%2BIDwPdSdpacxHvl2zL6NqeX%2B4peEkPIhqk2u0C7yXKtPQIsddQJwnPRPZJyLNKY1dz9w0fqpZmbnrw9kz2XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a25286e879a3f-FRA
expires: Sun, 14 Jan 2024 06:29:13 GMT

GET
H2 200 tooltipster.bundle.min.css
www.insauga.com/wp-content/themes/insauga/node_modules/tooltipster/dist/css/ 6 KB
1 KB 250ms
243ms Stylesheet
text/css 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/themes/insauga/node_modules/tooltipster/dist/css/tooltipster.bundle.min.css?ver=1
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41ce2509fa9959868717986010e16b6334885fd46bc64d0d3c745a73ed3c41e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Dec 2022 21:24:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0LS12yzoBL4CsBI7mCxje76z1nCVLaTZgiIBcpCRT%2Bm3m5rlMWiRKtIFT6g%2FYLFSvwciFOKN2uo4BmlsPylsV4c1UTU5VeSXFpKUW3FXNP8vLgQiXeHJIm878xf4w7K1zrfxRfEXAZtdE3jJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a25286e889a3f-FRA
expires: Fri, 12 Jan 2024 13:56:50 GMT

GET
H2 200 smartslider.min.css
www.insauga.com/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Application/Frontend/Assets/dist/ 22 KB
4 KB 248ms
244ms Stylesheet
text/css 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=4e06d1a7
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 970a471f91ad8bc60848134b6630c76d5300caa1e88e6ebed454174022dec0af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 16 Oct 2023 14:15:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VanAFmFzrviyuUsf29EDDjp%2BDeLh5PbrwrBdnQOsh9jU%2FZKsP6AZPyktHfOR1YHCAZ2%2FZWFMSfVUdNx2PI%2Bn%2FvHviokldBprHmXrQ%2Bzi51yk21PBF6K4KTEVli9dkVTkQXsKFYkVOdZx9F91Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a25286e8a9a3f-FRA
expires: Thu, 11 Jan 2024 03:08:17 GMT

GET
H2 200 jquery.min.js Show response
www.insauga.com/wp-includes/js/jquery/ 85 KB
32 KB 249ms
245ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 23 Oct 2023 13:23:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNpqxhGOpwdOgxIjjAOYPvE7F0iAwH%2F7OwMsVEi3p1ACAQTifPBloV1iZiJ7UXQ%2FcqdlouRHIBHfhWN8q1ZopCOYPUb%2Fp7DqodgVJJYscObaN7bbagzhrTDJ40aOMB%2B5Th9BVauYFfu4Gsfx8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a25286e8c9a3f-FRA
expires: Sun, 14 Jan 2024 06:29:13 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.insauga.com/wp-includes/js/jquery/ 13 KB
5 KB 355ms
351ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 23 Oct 2023 13:23:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQuqYkklhtNzHF%2BFQPQdlcjhbTHyL3EkHh87MESQyNuNIQuWMbD2okQ8K1iqa50tF3zXb%2BC9tao0SzYZTvxqComknoMndRQ9yTeg9w7iibnCpVDFXAnOZuDYW8RXv0CqDvhAMbraE7i5wy0A2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a2528aea89a3f-FRA
expires: Thu, 11 Jan 2024 03:08:20 GMT

GET
H2 200 impression-tracker.js Show response
www.insauga.com/wp-content/plugins/insauga-daily-newsletter/assets/js/ 254 B
543 B 354ms
351ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/insauga-daily-newsletter/assets/js/impression-tracker.js?ver=1
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46ee20dcee8f8b2a1219e480a3cd6187678909c67aa87eafcff71c272fe60525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Dec 2022 21:21:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Sm0YsJfHhHuGYBDJvEiuO9ovqDHvT04KKpi2G7sgH1fzScBIXjoQFT15wccxHVpPhUGaFDyIO4xO%2F8AhcgZSnXMmhfVMeoah4Wp5hEKwzuJLK8HCudo2TR0%2Bt8X0nmGU3BWGZzs7qE%2BJbtfcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a2528aea99a3f-FRA
expires: Thu, 11 Jan 2024 03:08:21 GMT

GET
H2 200 jquery.swipebox.min.js Show response
www.insauga.com/wp-content/plugins/responsive-lightbox/assets/swipebox/ 13 KB
4 KB 284ms
280ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.3.2
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926d1ab3abf48cf01377caf6adbed8c8a5e9dd1726e174c945af41137661404d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 22 Aug 2021 20:40:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73Bml6ttcE6QTqJ%2BIc1Objfkw7f39wkwEcB3TJpADbD6Qt5YxnsTl960iqTcS8CDezv7MhzyVj8%2FOgmFlDiv%2BC2povI9FwfP9DbbJcVWgdQgJdenidzCwom7g4Y56BPQCHIIiJCYM9U0F1LSgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a2528aeaa9a3f-FRA
expires: Sun, 14 Jan 2024 06:29:13 GMT

GET
H2 200 underscore.min.js Show response
www.insauga.com/wp-includes/js/ 18 KB
8 KB 352ms
348ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 30 Jan 2023 16:53:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKjFXefj8m5YONjyBgvgKhoaFnL%2Ff3xYABcxS7GfOdJS%2BJ2voP78hJLJR3Dy1dY0HE7MBW8ugKe9QtD0lhW%2FdMCm3usIBXHFS%2B3tL9vTLg9KquhnyeAhgfHTqUMunk%2FuE%2Betd%2FJG6T9pcptznw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a2528aeab9a3f-FRA
expires: Thu, 11 Jan 2024 03:08:18 GMT

GET
H2 200 infinite-scroll.pkgd.min.js Show response
www.insauga.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/ 25 KB
7 KB 285ms
282ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=6.3.2
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 378f79bc8e52dc7c86332d048c8b8f57ad672c3c917ca54b08630bb487b99d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 22 Aug 2021 20:40:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuqwWjwfLv%2FXU5GcgScAZxDtnAUUFuFj6y%2B6E74BlgfqVHH1kocNJ4dTTfd9Z0q51KoOvSH6z0tBDugjsfas8UpQo01a4HbFa1%2FJPy37PmElM9604OsU6QMlDZsg6GlsrboMUx1vkAfphqcj4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a2528aeac9a3f-FRA
expires: Thu, 11 Jan 2024 03:08:25 GMT

GET
H2 200 front.js Show response
www.insauga.com/wp-content/plugins/responsive-lightbox/js/ 26 KB
6 KB 284ms
281ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.3.2
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c8ba982e1a7629cb5be1c6e7ac909bb494b895a63affce2f6306e5cd244505a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 22 Aug 2021 20:40:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyxdPyQMpQhqN67UDvGQmXKyBcKiVf1G4O8v1Vs%2B3KL5uD2eJp7ZHOBLFHRiNIDe0eAkmu4iXVbgoqMDuy81OYlBEsqd7lIBh%2B3iTl%2FLty9XgRxJuw1Gtw0F51VgVljdxiv%2Ba7BniIypJSmV%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a2528aeae9a3f-FRA
expires: Sun, 14 Jan 2024 06:29:13 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 205 KB
46 KB 166ms
44ms Script
text/javascript 13.32.27.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-80.fra56.r.cloudfront.net

Software

Resource Hash

e1e04b876d769e39d9b54e88e20e60a1258ec858473a8f216c76ce19daba9ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:20:12 GMT
content-encoding: gzip
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
age: 541
etag: W/"332a8-To97sGKRp5b4v/9hI/vRCFXWuNg"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: IKJS_BgeIto57g18NAs-CM6WHy-jyQqptuAPy-L6v3p0GsarbeJl-A==

GET
H2 200 newsletter.js Show response
www.insauga.com/wp-content/plugins/insauga-daily-newsletter/assets/js/ 4 KB
2 KB 284ms
282ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/insauga-daily-newsletter/assets/js/newsletter.js?ver=1.4
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 263625688b2b0af7a02a3ed002f34511e699ead71794ab04a42a40722cd5a8a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 02 Oct 2023 13:18:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zI%2BvdsCEh6lH%2F0efaiKbvHl9Aj2CQsudz4wYvBBbSIjg9v%2FQXxdgMe7wQ2wfFg6kh5S65CiRCYvbVs0huhQ9sc567rueZ1stHlHLAzCcztR%2Fv99bI0ZsK2i4bKVey%2FU8QkeqNspWvWYpEPso4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a2528aeaf9a3f-FRA
expires: Sat, 13 Jan 2024 22:24:11 GMT

GET
H2 200 tooltipster.bundle.min.js Show response
www.insauga.com/wp-content/themes/insauga/node_modules/tooltipster/dist/js/ 39 KB
11 KB 352ms
349ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/themes/insauga/node_modules/tooltipster/dist/js/tooltipster.bundle.min.js?ver=1
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfc6a422ff120aa9f97f799b541eef116a6b222cf13e1ea8574ca16a8fdd6c1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Dec 2022 21:24:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3PiSdZGPP%2Fw16XlFV%2FtS%2BFFIHIJPLWM9khezvfOShf0e8n7C6JAeekFTpqewJlmtkS03IUESmDSLdvLh6jQJmGgVjZrnm8c0caY2XJ7fNqxTdt45TVUPgOY2a794up1P0i7%2FmBocH9812GIMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a2528aeb09a3f-FRA
expires: Sun, 14 Jan 2024 06:29:13 GMT

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 142ms
52ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500&display=swap

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79d90de29fa3778d7869eeeea23a0e5d2baf49e548b3bf44d1e8673ed44d86b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 07 Jan 2024 06:29:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Jan 2024 06:29:13 GMT

GET
H2 200 620acb6452.js Show response
kit.fontawesome.com/ 12 KB
5 KB 167ms
53ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/620acb6452.js
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe542370a4b56923b092842c75262bcbfed6aedaa6c22d32aa7d3dc9696c2ead

Request headers

Referer: https://www.insauga.com/
Origin: https://www.insauga.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 43
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 841a25291dc69b7c-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F6HzUna5vrhryBp7tX7h

GET
H2 200 cls.css
a.pub.network/insauga-com/ 930 B
847 B 150ms
57ms Stylesheet
text/css 2606:4700::6812:15ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/insauga-com/cls.css
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fbe9e10f0eb649e6e2f51c0cfa510258e27fda43bafbbe79ac055e66f205509

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: ABPtcPr0DbvwEsVrSludflvuDqJ_qyihooFjXu52L7n1uKYe3P7QMfLZ6j7OkJnGCrDIDqhfBIM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 19 Dec 2023 20:24:54 GMT
server: cloudflare
etag: W/"c6dd1c97f1f3ede33c8edee113be5725"
vary: Accept-Encoding
x-goog-hash: crc32c=epfkTA==, md5=xt0cl/Hz7eM8jt7hE75XJQ==
x-goog-generation: 1703017494721778
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 930
cf-ray: 841a2528ff4d2bce-FRA
expires: Sun, 07 Jan 2024 06:59:13 GMT

GET
H2 200 pubfig.min.js Show response
a.pub.network/insauga-com/ 51 KB
19 KB 52ms
44ms Script
application/javascript 2606:4700::6812:15ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/insauga-com/pubfig.min.js
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9b5e1e68169ba720b6669063b41e5b3d6211a9e85391fa9d64c9ea86b742fc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 131469
x-guploader-uploadid: ABPtcPq2EtC82JgmWM1Mw_1vl_Pm9JFGsx8fXr6fnuWqr5X3EaxsJdDRP8--KkW70uX_8PxifIY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Fri, 05 Jan 2024 17:23:56 GMT
server: cloudflare
etag: W/"32bd1a403f38b41ed9fa4a812764b53c"
vary: Accept-Encoding
x-goog-generation: 1704475436295640
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=mBPm7Q==, md5=Mr0aQD84tB7Z+kqBJ2S1PA==
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 52498
cf-ray: 841a252b18582bce-FRA
link: <https://d.pub.network/v2/sites/insauga-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires: Sun, 07 Jan 2024 06:59:14 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 239 KB
86 KB 168ms
41ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a8891b56bbab9e732b67abe356c6638b18ef9f050586acf4489536b0e840c6ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
last-modified: Tue, 02 Jan 2024 12:52:48 GMT
etag: "23-WUw7F/ALlsPbZ2Nrd2mozMREYKU"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: 3676860dcea1dcbeeeeb47e2dbd14823
timing-allow-origin: *, *
content-length: 88130
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 222ms
98ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38e80a044364622ef78e49df09e8e20253ab6c154fc76d30fddc24260ebd2c12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29230
x-xss-protection: 0
server: cafe
etag: 285 / 19729 / m202401020101 / config-hash: 2026918608723226553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 06:29:14 GMT

GET
H2 200 n2.min.js Show response
www.insauga.com/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Application/Frontend/Assets/dist/ 90 KB
35 KB 214ms
206ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=4e06d1a7
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d2d5e5223c56f16313db54ea5b9c44978afd8982423e3cf88fa034677ea17ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 16 Oct 2023 14:15:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVwZMcGWqiwIdn%2FYu9iiLn4rsiF5JyUlnVlyrrm8SWwbwkbHisHbHc1ZFNKgxDstcI1mKo%2Fqt8Eq1OkXnCknz6cPA4XJp76eWNWaHute9n2K7lEbp%2BHEvOJmYr6niWFZ5t%2FgyLDCRQ6%2BGhmstg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a252b2f8d9a3f-FRA
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 smartslider-frontend.min.js Show response
www.insauga.com/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Application/Frontend/Assets/dist/ 215 KB
51 KB 214ms
206ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=4e06d1a7
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a64bb21d450aacbee1e5ae72fdc4786267652f7f678739c1afb8e8814188ff14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 16 Oct 2023 14:15:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeGKc41FkGqZBBw4r%2BS6eSJQlIKEUzPjOwoi2RFdDTJclEgoaCotyOdhW20uZimEZf9ioQIEYK8cGQhXY7xxJ14g2jCjtWBSz4MGqQQwFeB9vPOOl8NlRtq5k%2BmI61f4P%2F8aSmU%2FSH4fUoI5jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a252b2f8e9a3f-FRA
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 ss-simple.min.js Show response
www.insauga.com/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ 13 KB
4 KB 212ms
205ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=4e06d1a7
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa596e723e0e82a47f0e332b2dc334eeffc67730ce9098cad1dcf218c18893c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 16 Oct 2023 14:15:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Comyovn%2FDkAd%2F0%2Fx4w0H4y4YA9XvmbvVrTr5vmFgoonNLVFTbg1aAaHpxhNzT50Pn9RGIJS%2Fxvk2oOa41vNrsCmbWxaWbv%2FQ4zjzVIHQfBiQ%2F8soqh3%2FFzQygEaH4n23f0nwKvgD1E52Sd5VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a252b2f8f9a3f-FRA
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 w-arrow-image.min.js Show response
www.insauga.com/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/ 1 KB
921 B 222ms
215ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=4e06d1a7
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11f4b1c5b48fa0100ba180a2e7ffc3296a59ecd4b210351bb452130979c8582c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 16 Oct 2023 14:15:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noppPXz1tn4%2BoHXWtiUeSWmjcJo4jCGOpQbgaBN6st0l5MF%2BUmWDF9Q8Kz4jSKJFE7PMKt%2FVEgBjx1ImyU5zYCDf0GLqc6%2B9Fat2H5ajXoZEGTeHT%2BP5c9dsAtekE9knVntqJUBhE0lypZmdcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a252b2f969a3f-FRA
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 w-thumbnail-horizontal.min.js Show response
www.insauga.com/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Widget/Thumbnail/Basic/Assets/dist/ 4 KB
2 KB 220ms
213ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Widget/Thumbnail/Basic/Assets/dist/w-thumbnail-horizontal.min.js?ver=4e06d1a7
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1fddf504afc9da5c3a0666f4542257a8d57725cb5c8784a6a26fb47f8c4d8c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 16 Oct 2023 14:15:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=un2FceWwkzZh69dw1%2FWNSAKSfw7XNWmHSc3jC6NYZUBZp5y1DSDkyGXub2jWYGWjlpR5Bnaj6L2reQNrdGlJXD35BKV1Jl5nLOu3v3nTOjJM8KzvJuQD9yTiruMUg4UhnVHxC5ZVO3KVwSQV2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a252b2f979a3f-FRA
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 insauga.png
www.insauga.com/wp-content/uploads/2023/01/ 1 KB
2 KB 218ms
213ms Image
image/webp 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.insauga.com/wp-content/uploads/2023/01/insauga.png
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c499af4bfdd452ab6dd9ccbad6e90b848a715d114aa4b54ec31131724ec96936

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 03 Jan 2023 14:32:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJKFpbVkvpRkaH158Dy%2FKHyJW90KBNYkgvsvjx7jjmz%2FCrt6SS0tmJPxqW9P6qTFmBKiC5IGGzzB3d%2BU0dIHA0q8B7fcTgwRU35Y2omK%2FhjRnLXqpPA19HhjGq3kCpyZpUvJ2UkxOVDp2%2FLd2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 841a252b2f989a3f-FRA
content-length: 1442
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 package-doorstep.png
www.insauga.com/wp-content/uploads/2024/01/ 1 MB
1 MB 279ms
278ms Image
image/png 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.insauga.com/wp-content/uploads/2024/01/package-doorstep.png
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2564e45a79a215ad3bca0b98c107a21f5952a438be50675a72026ad1d739801c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:13 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 06 Jan 2024 15:50:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36B1T99hll4nQtjcmY0eXxRKksp8X47%2B5%2BaYEwPLjhzgthC3972LX1UWy9EVjpyyxFZM8dISakdM5TqS3C0PLswr7KjpKviIesaISfUCGlWrW7kCyvngjBWuMXgkqyNYSmkXXTSAKAwAntE4uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 841a2528eebe9a3f-FRA
content-length: 1372070
expires: Sun, 14 Jan 2024 06:29:13 GMT

GET
H2

200

embed.js Show response
embedcdn.sendtonews.com/easy-stn-player/7.29.5-A/
Redirect Chain

https://embed.sendtonews.com/player3/embedcode.js?fk=dDWgnTNM&cid=13951&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
https://embedcdn.sendtonews.com/easy-stn-player/7.29.5-A/embed.js

7 KB
3 KB

132ms
106ms

Script
application/javascript

108.138.26.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embedcdn.sendtonews.com/easy-stn-player/7.29.5-A/embed.js
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Server: 108.138.26.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5eaf9dcbb71c48e1f5c30c31610f3f2eea90dba2dbf9d2fef6381ebca83cfc51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:28:40 GMT
x-amz-version-id: OLXSQkMNOjuXKz7m5ruDW3YkulpkQxxW
content-encoding: br
last-modified: Thu, 21 Dec 2023 20:29:17 GMT
server: AmazonS3
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"b464c4b1c41b6a4504f7b04d42bd7ebe"
age: 34
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: AOfY8qEjIweGEjPPGLCO1MSyfnQ17qNgqYnhN-2EsROqVC1l7NkRAw==

Redirect headers

date: Sun, 07 Jan 2024 06:29:13 GMT
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P7
x-cache: FunctionGeneratedResponse from cloudfront
location: https://embedcdn.sendtonews.com/easy-stn-player/7.29.5-A/embed.js
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: fC_IBEYr1cAPJTjpygRQs-6g0nG6xLigOOhO2dM6owdbubdnvFHKHg==

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/e7dE4wZiAog/ 15 KB
15 KB 145ms
41ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/e7dE4wZiAog/hqdefault.jpg

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14b2ed75706366ac466a5e05b7cd5fb65ac4c0c2e128302ecc8878a5601b4b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:12:45 GMT
x-content-type-options: nosniff
age: 4588
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15037
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 07:12:45 GMT

GET
H2 200 swiper.min.js Show response
www.insauga.com/wp-content/plugins/wp-tiktok-feed/assets/frontend/swiper/ 207 KB
46 KB 141ms
140ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/wp-tiktok-feed/assets/frontend/swiper/swiper.min.js?ver=4.2.5
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 993d8adb5355f1f018b4b6eff0e082e1b0f8f30da9a2396b72645d5cbfb15bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 17 Oct 2023 15:40:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Brp2GIntZnSRk52UEz6KLgig0SoJR8wenuBWWixqHEM7Vgaoj0kBDnYfHBXpK%2FSIiZrCgTTIkqWd2IUKWMliia8CZcKQ0JLrToKiHlXMI%2BECj52WTGPeZ34vbP8RodoG3WeokhZ1WjOR9iMPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a2529ff1b9a3f-FRA
expires: Thu, 11 Jan 2024 03:08:25 GMT

GET
H2 200 imagesloaded.min.js Show response
www.insauga.com/wp-includes/js/ 5 KB
2 KB 155ms
155ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 22 Aug 2021 20:43:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7iICDl63AYcaB%2BCw7ZyiM2vWjkHmLuxJRUx9eZ5r2YKy0heicbENUU9DJO%2FEYW8lj7RhwfeFz1Ne09lypQeA9TQqdjKu711cZG%2FO5vcZ6c67unFcqsC8CS76SzyD3hjrKw3QJBDD9nDaR7ANA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a252abf6b9a3f-FRA
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 masonry.min.js Show response
www.insauga.com/wp-includes/js/ 24 KB
8 KB 207ms
207ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 22 Aug 2021 20:43:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AY9jiRZm6bKmHoMBAF5gMMSt9Pyxj%2FIlvFjj9SHmbxccD4cDF8pkoX%2F2KEcWu5gDrX%2BUbC%2FMyj8Cs1N1PXtVN0Lyg4L0WMx1zwaMH27Yjv%2Bf1igzEgXNpnoz4PDI%2Fo5cnMQ%2FFwDOlcPNQYqTsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a252b1f879a3f-FRA
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 lib.js Show response
www.insauga.com/wp-content/themes/insauga/assets/dist/ 193 KB
52 KB 216ms
207ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/themes/insauga/assets/dist/lib.js?ver=5790bc32
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6b435b190ec472810853b7a339bb9892e5ae8114809be699c421282e67e795d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 05 Dec 2023 15:38:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrxMuIFR1qTrV8xyTus4vgpfLD6nKEE7aPwP%2BXeTGU4X84S8Kv8PIoyE6YPKqufm6gULTU%2BXvsEbnD6RYsdSW0hw8M8uFLkvifZkie7xZDB5QjtfvgsRvlZxkhF65smDB3NIseuujPKxU17l5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a252b1f899a3f-FRA
expires: Sun, 14 Jan 2024 04:43:36 GMT

GET
H2 200 main.js Show response
www.insauga.com/wp-content/themes/insauga/assets/dist/ 16 KB
5 KB 218ms
209ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/themes/insauga/assets/dist/main.js?ver=a3f8eb4b
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8bef2caa83f2bb23c827fe587d647710fa80d23010e5ec1d05020b1cf9588bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 05 Dec 2023 15:38:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOTZNNyzTnBYxRRYvZxk0Vu1c0Y4mkicMtpaTDKub1Qx%2Fh4dpLkxXphIb70QN7BuiXbDNHl2ehmreySNSkZnXd1XGFnnxgWTW89Itz2xLxO0aOGYiqb7ranyCFSrMnv0cBB6wszxz0%2FjTVflmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a252b1f8a9a3f-FRA
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 single-post.js Show response
www.insauga.com/wp-content/themes/insauga/assets/dist/pages/ 2 KB
1 KB 207ms
198ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/themes/insauga/assets/dist/pages/single-post.js?ver=e1632023
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6857371393a211519cf66b7fe83b1b189a97ab6a1b2532b3ad9a1b37b4a4258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 05 Dec 2023 15:38:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wB2d%2FmGYQxSz0bYbpakahEI8zQzTaHOUX5zRBbdC85kwWb69vJRdXca%2B8OqswMUFzMhQdyC3qR3A6alPyxOxt4wecCwlxEnfECJ0bqbKUxY5g07ewFX4McpMV9y6kdNZtChER8TPvaIqou%2FxZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a252b2f8b9a3f-FRA
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v2/ 103 B
617 B 438ms
42ms Script
text/javascript 151.101.1.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v2/polyfill.min.js?features=IntersectionObserver

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.26 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 07 Jan 2024 06:29:14 GMT
age: 1613806
detected-user-agent: Chrome Mobile/120.0.0
server-timing: HIT, fastly;desc="Edge time";dur=0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/120.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 272ms
168ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.3.2

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2483
etag: W/"a87c48d211877c49b878679b2e3cdab8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 841a252bcd572bdc-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Jan 2024 06:29:14 GMT

GET
H2 200 60ba74becdfdc30011c6f81c.js Show response
buttons-config.sharethis.com/js/ 1 KB
899 B 590ms
40ms Script
text/javascript 2600:9000:206f:9a00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/60ba74becdfdc30011c6f81c.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:9a00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

05e55d3f3f705314388e03d10535d8c0c352757f7fc68af42f5346fb5b87b3fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:28:31 GMT
content-encoding: gzip
via: 1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 31 Mar 2023 14:51:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 52
x-amz-server-side-encryption: AES256
etag: W/"d84bb2869a676a28c874a263e3cb3591"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
x-amz-cf-id: qLMM-aBO8qfm0uxx7IcyZnluG8Q8cy7JtDmsbcGl5az0MbXN7IHMnw==

GET
H2 200 pro-v4-shims.min.js Show response
ka-p.fontawesome.com/releases/v5.15.4/js/ 14 KB
4 KB 79ms
53ms Fetch
application/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/js/pro-v4-shims.min.js?token=620acb6452
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/620acb6452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f29f0c0d79ab5709a70743ab3073111ecd500be2f62353503b6965524e543e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 3458214
etag: "610ae215-1003"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 841a252b3eb09b7c-FRA
content-length: 4099

GET
H2 200 pro.min.js Show response
ka-p.fontawesome.com/releases/v5.15.4/js/ 40 KB
14 KB 80ms
55ms Fetch
application/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/js/pro.min.js?token=620acb6452
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/620acb6452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 3279235
etag: "610ae215-37b8"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 841a252b3eb29b7c-FRA
content-length: 14264

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 202 KB
72 KB 182ms
62ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8X3BQZ

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49f72af4368738fac9dfbbfd9351b919893fdc8248120d6b5a274e429a25090e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73613
x-xss-protection: 0
last-modified: Sun, 07 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 07 Jan 2024 06:29:14 GMT

GET
H2 200 matomo.js Show response
www.insauga.com/matomo/ 64 KB
22 KB 220ms
217ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/matomo/matomo.js
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 02 Nov 2023 17:17:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9vLJGA0itrUBkrkIpIQ2uaMrr9K0x8onZ7lYd5Ysiy23a%2FMZtXxLJPioK3FccI20Wq%2BNXwtt7UsWQOnjU4%2BgZfEuKTWcMk1ANhO5lQ7tgVulaQrDqwZ%2BlaDgkcC8iSsCu1FYmv60bVnIZ98WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a252b2f999a3f-FRA
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
402 B 208ms
49ms XHR
text/plain 3.120.45.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=www.insauga.com&location=%2Fnew-package-delivery-scam-hits-ontario%2F&product=unknown&url=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=New%20package%20delivery%20scam%20hits%20Ontario%20%7C%20insauga&cms=unknown&publisher=60ba74becdfdc30011c6f81c&sop=true&version=st_sop.js&lang=en&description=If%20you%E2%80%99re%20eagerly%20anticipating%20a%20delivery%20from%20Canada%20Post%20and%20happen%20to%20receive%20a%20text%20message%20saying%20that%20your%20package%20is%20being%20held%20at%20a%20distribution%20center%2C%20exercise%20caution%E2%80%94it%20could%20be%20the%20latest%20scam.%20In%20their%20latest%20deceptive%20scheme%2C%20scammers%20will%20send%20a%20text%20message%20posing%20as%20the%20Canadian%20postal%20service%2C%20falsely%20informing%20recipients%20that%20%5B%E2%80%A6%5D&ua=&ua_mobile=false&ua_full_version_list=&uuid=574064d9-2ffb-4c47-8feb-ff36788d6d9e

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.45.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-45-29.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 07 Jan 2024 06:29:14 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www.insauga.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 528ms
38ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.insauga.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 478510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 17:34:04 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 33 KB
34 KB 561ms
86ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.insauga.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:46 GMT
x-content-type-options: nosniff
age: 198148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:46 GMT

GET
H3 200 easy-stn-player.js Show response
embed.sendtonews.com/easy-stn-player/7.29.5-A/ 683 KB
191 KB 256ms
195ms Script
application/javascript 108.138.26.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5995a87d88a07890e330721eaf611d876b9644a916c71be217dbfc0b0bba8370

Request headers

Referer: https://www.insauga.com/
Origin: https://www.insauga.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:03 GMT
x-amz-version-id: Iab0qqRUsGFkQQTEdfuvQySAF3n_w01W
content-encoding: br
last-modified: Thu, 21 Dec 2023 20:29:18 GMT
server: AmazonS3
age: 12
x-amz-cf-pop: FRA56-P7
etag: W/"6d9f7f1a95a5454d6e956759ce7bad0e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UZnyz23sKyde-aHYZFgiP2La9OJ-W-FqUuPWWPwFXER5D8ZDG9578w==

GET
DATA 200
OK truncated
/ 372 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92cb34ab68b392664900ed421954c9a7d19e4abfb9120c2966a2513a732bc61f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7dbd67a716699b9050be0fcf74cd8421d2439439fd52b02e98771a9fe13162f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e1ba679b1131a2a56d9478d56c7ce17d93a844799a83b0dfd3d0203fdc8b26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 configs
d.pub.network/v2/sites/insauga-com/ 44 KB
6 KB 242ms
98ms Other
application/json 34.160.152.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/v2/sites/insauga-com/configs?env=PROD
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: fdcc781063be4b81b5af6c68e2b04a37c5ee54564bed9662b0548979d8685690

Request headers

Referer: https://www.insauga.com/
Origin: https://www.insauga.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.insauga.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 Screen-Shot-2023-12-22-at-11.29.51-AM.webp
www.insauga.com/wp-content/uploads/slider/cache/47e15c6a3a9dceec23057cc81097c1e4/ 1 KB
2 KB 148ms
142ms Image
image/webp 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.insauga.com/wp-content/uploads/slider/cache/47e15c6a3a9dceec23057cc81097c1e4/Screen-Shot-2023-12-22-at-11.29.51-AM.webp
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6fdfce82c380006c9aabd9bcfb7cf0df67a6e8217a1cce5621d21cadb6b0b31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Dec 2023 16:31:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJjpLwB%2FW2F%2F6OqFWwputBC5RmfZwYTpJAqulgKthtNtxuJSHcRuq68fjjK%2Bi6UeLSPrvLcHAGPDVMw9ptre69NpRk%2FjP1fMI6rvwu8j3rbzH3Ql5hXOX%2FftBpt3zN9EHCloD9LP2Vq2wENVvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 841a252c38079a3f-FRA
content-length: 1400
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 Screen-Shot-2023-12-22-at-10.52.21-AM.webp
www.insauga.com/wp-content/uploads/slider/cache/68f2c9eeb5e11ca516e5368c1fa8f0af/ 640 B
989 B 146ms
141ms Image
image/webp 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.insauga.com/wp-content/uploads/slider/cache/68f2c9eeb5e11ca516e5368c1fa8f0af/Screen-Shot-2023-12-22-at-10.52.21-AM.webp
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4897e65a60b038373d42e5d898014107c456670929e2a1da682161e03ccc16e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Dec 2023 16:00:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVyVoiJu7jkKPIoBFWZ8mqzpDNK27SbmLAgMUfTwQGg%2B1L36k%2BWmw75RtYescpQpYPqFXmsgVYMlfIKpI39SDJk1QCdNk4nnEFuv8rHULpQHbbKMYarM%2FKFHRBQBPtvfPZ806G1%2FwJBTamgFhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 841a252c38089a3f-FRA
content-length: 640
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 Screen-Shot-2023-12-22-at-10.52.15-AM.webp
www.insauga.com/wp-content/uploads/slider/cache/6d7233dc5b203e30b32ade765a498e0b/ 2 KB
2 KB 146ms
141ms Image
image/webp 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.insauga.com/wp-content/uploads/slider/cache/6d7233dc5b203e30b32ade765a498e0b/Screen-Shot-2023-12-22-at-10.52.15-AM.webp
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0c3628456b4bde2b6911e0591c73bf4c7758c54f59d0317e1a0dc3242b099fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Dec 2023 15:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lySKkU44xhkbiIXg1rQkJsrVuYfzLY0Ru1RNzTfekweNjlTZPyACoDjxfdWuosIJwZJqKccI1oYqTnTE5Q9rOnMTMtf08MxLkJscg1d47yUME1iMgI6OK6CrwK3AgIkszNxU1Yr55XALGlga%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 841a252c38099a3f-FRA
content-length: 1572
expires: Sun, 14 Jan 2024 06:28:52 GMT

GET
H2 200 Screen-Shot-2023-12-22-at-11.29.45-AM.webp
www.insauga.com/wp-content/uploads/slider/cache/6b129629fab3eaea4a6668bf95eb4ece/ 1 KB
2 KB 147ms
143ms Image
image/webp 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.insauga.com/wp-content/uploads/slider/cache/6b129629fab3eaea4a6668bf95eb4ece/Screen-Shot-2023-12-22-at-11.29.45-AM.webp
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a619d0f2106408e910f5a3414b8e989bdd48cc19ea80662889d346e99f93c3a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Dec 2023 16:30:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FynIfh0N7RvXIp5n5Shs4mfEc8B33D3lZe9yBAxGdBOhB7I9%2BL%2B3Ix9beRzThZUDKW1620CqsiBv5IBBCDoFDrH20%2BxhYSP44MdCxcDCFYwxbAfLx2yzXhrMEyC24SOIPcCUyAxzohVQi1IfFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 841a252c380a9a3f-FRA
content-length: 1456
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 Screen-Shot-2023-12-22-at-10.52.10-AM.webp
www.insauga.com/wp-content/uploads/slider/cache/8136243d8c967a52d22fad9bd9d56daa/ 1 KB
2 KB 151ms
147ms Image
image/webp 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.insauga.com/wp-content/uploads/slider/cache/8136243d8c967a52d22fad9bd9d56daa/Screen-Shot-2023-12-22-at-10.52.10-AM.webp
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 459715b6e6c5589c7780a874b29729f0ba77c1ee1baf38832509fd5bd17551f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Dec 2023 15:58:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eq9dOGCywotBSTrMTLXVfUmKYFUIaa2MAfm934gPxNf0s81ZCQ5zsJ1Jk0%2FriX%2F5EZKRqCc%2B7ATc9aW4xM%2F5F4T2%2Fy7YFzW7ihFDC3NNCDfPDqo9eESh3SbcGNyx%2Flu9rvdC7SlECFJYGPDADA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 841a252c380c9a3f-FRA
content-length: 1394
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 Screen-Shot-2023-12-22-at-10.52.04-AM.webp
www.insauga.com/wp-content/uploads/slider/cache/a865f71d1e9477b1dc941b834f205fa2/ 676 B
1023 B 151ms
148ms Image
image/webp 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.insauga.com/wp-content/uploads/slider/cache/a865f71d1e9477b1dc941b834f205fa2/Screen-Shot-2023-12-22-at-10.52.04-AM.webp
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16bc0856c3e9eb74118b11fa6a87b0d8ef2ddc25760008fe4ce6010ba2a8618f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Dec 2023 15:57:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BL0lkmjkYon5CvSmJNz4kr1a7qftjIBUZ57qgRKeQWrg3fK52kUO9nwdcd29nMhFCF7x%2FQHWXzfWUpGHit8eQl2kxznljpZgn%2FggU3TV3I3d08SKGLHkZoKfcuED46fEV69eaKgEI%2B3S0UzvNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 841a252c380d9a3f-FRA
content-length: 676
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 Screen-Shot-2023-12-22-at-10.51.59-AM.webp
www.insauga.com/wp-content/uploads/slider/cache/c41f1e188345c1894682142e09213d7c/ 2 KB
2 KB 148ms
145ms Image
image/webp 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.insauga.com/wp-content/uploads/slider/cache/c41f1e188345c1894682142e09213d7c/Screen-Shot-2023-12-22-at-10.51.59-AM.webp
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d3ec333952c837f0b3305d9196e676bc7ecd4ed3d8045665b778602f31d5cb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Dec 2023 15:53:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orif%2B5grykxOLGchKWOJjOb2f%2FXPru8i4jQG0yplK9wtCnnAB3Ihkn%2F3JOElo6S%2FN3T87yrCziaNiJ9hohZiU%2Bio%2BJm2Dg7IXQRalOenKWOJN%2BfNvoJ2wA6qmCgfiZrbqH0D6ou42L0kmuq1tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 841a252c380e9a3f-FRA
content-length: 1702
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 Screen-Shot-2023-12-22-at-10.49.42-AM.webp
www.insauga.com/wp-content/uploads/slider/cache/c8b7a4d8a871dcf45d8370bb27e7f320/ 1 KB
2 KB 151ms
148ms Image
image/webp 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.insauga.com/wp-content/uploads/slider/cache/c8b7a4d8a871dcf45d8370bb27e7f320/Screen-Shot-2023-12-22-at-10.49.42-AM.webp
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31f84418cf06ce92e7f7d00c00977db0f8d150f3e866eedb0031b151a86a5e56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 22 Dec 2023 15:51:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnE0TlFKBHeIsM4ou3dG9UaWqX6xwzJwJZStmPn9%2FILusBbv07Ik%2FIw9TSv63NlsL2ZS9JcFhnm3WTiJ%2FJTpKlLsJzyXb7aOz8JwFbBg1PD6jpmnYhamqik4P189GwidgLRnxx9juXJrXrxq0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 841a252c380f9a3f-FRA
content-length: 1324
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 Screenshot_20240106_091206-768x555.jpg
www.insauga.com/wp-content/uploads/2024/01/ 58 KB
59 KB 151ms
149ms Image
image/jpeg 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.insauga.com/wp-content/uploads/2024/01/Screenshot_20240106_091206-768x555.jpg
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2aafd53863b6ac95432cf92b35981bcccf56fac3630901fc5608c686ca01975c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 06 Jan 2024 14:42:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJElVFBKT1PpwQBPW19%2Fb4oGa1TkgF1%2BtRJcGLosDMQuujLAwqAIXcisrm9Y3KKjhEcNJoCdTFxfbOjmuYIj5opdfWd776td65jMJPJv2Or75NpEAWCJjWl%2BIfTuoJENoff4OZ71%2FNQ587ER0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 841a252c38109a3f-FRA
content-length: 59854
expires: Sun, 14 Jan 2024 06:29:14 GMT

GET
H2 200 workbox-window.prod.js Show response
www.insauga.com/wp-content/plugins/pwa/wp-includes/js/workbox-v6.5.3/ 3 KB
2 KB 144ms
143ms Script
application/javascript 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/wp-content/plugins/pwa/wp-includes/js/workbox-v6.5.3/workbox-window.prod.js
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38d94cf197fc33297f7ddd2462569c82e31ec4606ff7930f06871ed41b625749

Request headers

Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Origin: https://www.insauga.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 17 Oct 2022 14:18:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGPi8kMFGY9ezAM7ZGliVTYWG8PYgW9SLZFg%2FLl1XW%2FhAhIU2BFjKlprgtvVz987%2BQGJSx7ae8pUWEMp57ffhBSw02S5vouTWkmpo%2FT5ks2ieFGXi3orcNADwEQYo9g1nBczCg0k7%2BJkwbIL9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 841a252c38059a3f-FRA
expires: Sun, 14 Jan 2024 06:29:14 GMT

POST
H2 204 matomo.php
www.insauga.com/matomo/ 0
329 B 339ms
338ms Ping
text/html 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.insauga.com/matomo/matomo.php?action_name=New%20package%20delivery%20scam%20hits%20Ontario%20%7C%20insauga&idsite=1&rec=1&r=775273&h=7&m=29&s=14&url=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&_id=f10441d87e25239d&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=JjgDZg&pf_net=108&pf_srv=252&pf_tfr=86&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/matomo/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FrWsDJKlh%2FGzEI7ZmCQiurSqF10%2BcErx2RDtuXC63V%2F4J1AXV0hl4VCTN3crNov1tX6Em8ngRR54RAJ4Xv2rWn6C5B6ZUInZLV5tPH1VdGsgpXUNsPa5fjDzl1BQ2CgBZYkD6kRZbvqKcnhPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.insauga.com
access-control-allow-credentials: true
x-turbo-charged-by: LiteSpeed
cf-ray: 841a252ce8619a3f-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 436 KB
137 KB 68ms
66ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 15:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52569
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140253
x-xss-protection: 0
server: cafe
etag: 11435206252018266965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 05 Jan 2025 15:53:05 GMT

GET
H/1.1 200
OK d3d3Lmluc2F1Z2EuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 201ms
40ms XHR
application/json 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3Lmluc2F1Z2EuY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 07 Jan 2024 06:29:14 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=17927
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 55f36da7b6a3e3a789b23a125cdd9974
Content-Length: 15
Expires: Sun, 07 Jan 2024 11:28:01 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 61ms
45ms Image
image/gif 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 06 Feb 2024 06:29:14 GMT
date: Sun, 07 Jan 2024 06:29:14 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

OPTIONS
H2 200 /
optimise.net/ Frame 0
0 192ms
74ms Preflight 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=insauga.com&t=desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://www.insauga.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://www.insauga.com
access-control-expose-headers: fs-client-rtt
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Sun, 07 Jan 2024 06:29:14 GMT
expires: 0
fs-client-rtt: 39
pragma: no-cache
strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
85 KB 64ms
56ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HWZRD1G07G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8X3BQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22165c1c34db362aa926dd117f24696f8a0038694d3867620d146ff33edc7078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86987
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jan 2024 06:29:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 143ms
39ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8X3BQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 07 Jan 2024 05:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2457
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 07 Jan 2024 07:48:17 GMT

GET
H3 200 / Show response
optimise.net/ 3 KB
3 KB 120ms
40ms Fetch
application/json 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=insauga.com&t=desktop

Requested by

Host: a.pub.network
URL: https://a.pub.network/insauga-com/pubfig.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

e2741f71d3f6d0a27b68257f6426a49df3dcf4e08f9eeacbfb152f4880b47373

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google
date: Sun, 07 Jan 2024 06:24:11 GMT
fs-client-rtt: 38
age: 303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3122
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type: application/json
access-control-allow-origin: https://www.insauga.com
access-control-expose-headers: fs-client-rtt
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires: 0

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/wZt3yQfgdwnz-/insauga.com/
Redirect Chain

https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/insauga.com/choice.js?tag_version=V2
https://cmp.inmobi.com/choice/wZt3yQfgdwnz-/insauga.com/choice.js?tag_version=V2

5 KB
2 KB

171ms
42ms

Script
application/javascript

2600:9000:214f:dc00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/wZt3yQfgdwnz-/insauga.com/choice.js?tag_version=V2
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Server: 2600:9000:214f:dc00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 298ad344d4e35f8f3b08bff5f4a1238366715cef82cee3c3b8d808bd9de4c49a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:15 GMT
content-encoding: br
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 20:56:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 51
x-amz-server-side-encryption: AES256
etag: W/"96631005cf2485af4fa595a2c19a91aa"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: dNqmtnoY_kqPyvDgqF6sQXo4GuDR1O7Oyh12teP0BAJr1XLSo96M9A==

Redirect headers

x-amz-website-redirect-location: https://cmp.inmobi.com/choice/wZt3yQfgdwnz-/insauga.com/choice.js?tag_version=V2
date: Sun, 07 Jan 2024 06:28:24 GMT
via: 1.1 d72cc6b7011ac53cd6e4d65e0d9f5ac4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 51
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
last-modified: Wed, 15 Nov 2023 20:59:02 GMT
server: AmazonS3
etag: "2b493ade70161f86cb4ae65192e26c63"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location: https://cmp.inmobi.com/choice/wZt3yQfgdwnz-/insauga.com/choice.js?tag_version=V2
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: sRUEI8cAKP0gIPEbsR4jSrK48wLxqFlgi5U3ISu0P49I8qIp6r8peg==

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 56ms
55ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.3.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2779
etag: W/"e3be409ac3c100e2a5d3f264ec260551"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 841a252e6ead2bdc-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Jan 2024 06:29:14 GMT

GET
H2 200 times.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ 632 B
417 B 54ms
46ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/times.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85319456d833877d3abd0898544fa2efaf5969b05497e1fb20f2c849d9e439d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:57:30 GMT
server: cloudflare
age: 375380
etag: W/"610ae31a-278"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252e880b9b7c-FRA

GET
H2 200 chevron-right.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ 486 B
377 B 55ms
47ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/chevron-right.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe1a07ee79876cf167db5ca49f0a6588c6a7ac3d6f963083f3e2366105e1845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:55:52 GMT
server: cloudflare
age: 4923922
etag: W/"610ae2b8-1e6"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252e880c9b7c-FRA

GET
H2 200 envelope.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ 711 B
555 B 54ms
47ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/envelope.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b667d0b984ee4adf835d526806c9a06522431d5cc830fada82dabdfe36163a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:55:56 GMT
server: cloudflare
age: 4760176
etag: W/"610ae2bc-2c7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252e880d9b7c-FRA

GET
H2 200 bars.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ 560 B
344 B 55ms
48ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/bars.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 204f9715c5160102ee1963b4e87592d839d884a8e074c2ae19c527ec51575b70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:55:48 GMT
server: cloudflare
age: 5086073
etag: W/"610ae2b4-230"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252e880e9b7c-FRA

GET
H2 200 search.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ 554 B
449 B 55ms
48ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/search.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6267ba33e95f6defb5f1bf4d67470cb65f88127054df43a498c5426c437252a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:56:10 GMT
server: cloudflare
age: 3375079
etag: W/"610ae2ca-22a"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252e880f9b7c-FRA

GET
H2 200 instagram.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/ 1 KB
647 B 54ms
48ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/instagram.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72864f45951701ed5abeff31fff9660ccb7922e687aa201131c2327640146038

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:13 GMT
server: cloudflare
age: 5116432
etag: W/"610ae219-473"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252e88109b7c-FRA

GET
H2 200 vimeo-v.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/ 598 B
482 B 55ms
49ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/vimeo-v.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 005f0120f2ab186b949156b6f2871dbc5d6a6149cdab6c7738524c863f9b89cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:25 GMT
server: cloudflare
age: 5028381
etag: W/"610ae225-256"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252e88119b7c-FRA

GET
H2 200 facebook-f.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/ 389 B
379 B 55ms
49ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/facebook-f.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db6fa13cbab91516913fbcc921f76bd67b4792d6cf4ffd846ba8aa18ad572059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:11 GMT
server: cloudflare
age: 3378116
etag: W/"610ae217-185"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252e88129b7c-FRA

GET
H2 200 twitter.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/ 1008 B
671 B 55ms
50ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/twitter.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 301478844e69f723c541b2567d878823a025d1cc94f894e191cf5be20df03abc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:16 GMT
server: cloudflare
age: 5088021
etag: W/"610ae21c-3f0"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252e88139b7c-FRA

GET
H2 200 youtube.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/ 687 B
466 B 56ms
51ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/youtube.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd3324b939db83e4783489b6a1511d1a8a77b6f5f49825557d2a3c79bbbf38fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:25 GMT
server: cloudflare
age: 4659388
etag: W/"610ae225-2af"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252e88149b7c-FRA

GET
H2 200 tiktok.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/ 436 B
374 B 92ms
87ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/tiktok.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55cbe47daae2e1d00bd3185c4dd5b23f43c658c3a072cdb369f4080523e222fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:16 GMT
server: cloudflare
age: 5873943
etag: W/"610ae21c-1b4"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252eb8319b7c-FRA

GET
H2 200 times.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ 605 B
401 B 91ms
86ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/times.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b882632c50e1e7165ce5aa20c6e3f870e18e96101c9af9f59174aa88bbd5d580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:56:17 GMT
server: cloudflare
age: 492599
etag: W/"610ae2d1-25d"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252eb8339b7c-FRA

GET
H2 200 map-marker-alt.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ 461 B
425 B 94ms
89ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/map-marker-alt.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7dcdc6e0616a78036b0b985b427493e75ea98ebbf081831224cdfa96e463e9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:57:19 GMT
server: cloudflare
age: 4827636
etag: W/"610ae30f-1cd"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252eb8349b7c-FRA

GET
H2 200 angle-down.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/ 403 B
359 B 100ms
96ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/regular/angle-down.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eef6cfaefdd4ec58afa0580bb31685a377f331b1f7ff5ae3cbf81c0b494c3ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:55:46 GMT
server: cloudflare
age: 3463872
etag: W/"610ae2b2-193"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252eb8359b7c-FRA

GET
H2 200 arrow-circle-right.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ 539 B
457 B 99ms
95ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/arrow-circle-right.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d3aab6e39ef96893870b5f58b0886cfecb74bc07c32679c97f5a0e9bffc2b52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:57:00 GMT
server: cloudflare
age: 3197369
etag: W/"610ae2fc-21b"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252eb8369b7c-FRA

GET
H2 200 plus.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ 456 B
413 B 96ms
92ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/plus.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ee060bed93c69b6f61e46a6eda98728facc7007d23b4e40b4d0c82e1aba8e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:57:23 GMT
server: cloudflare
age: 3193296
etag: W/"610ae313-1c8"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252eb8379b7c-FRA

GET
H2 200 question-circle.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ 839 B
598 B 92ms
88ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/question-circle.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b1817b94f0d250b352f05343bad8c799ae0d9590a369cbf42f8104e4dcce5e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:57:23 GMT
server: cloudflare
age: 4943753
etag: W/"610ae313-347"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252eb8399b7c-FRA

GET
H2 200 times.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/light/ 624 B
419 B 97ms
94ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/light/times.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bb7c16cb296145abd4eb2379255f977abee25098990820b38ea15473a17f7ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:55:04 GMT
server: cloudflare
age: 3197370
etag: W/"610ae288-270"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252eb83a9b7c-FRA

GET
H2 200 cog.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ 1 KB
676 B 93ms
90ms Fetch
image/svg+xml 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/cog.svg?token=620acb6452
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66dd3cf992fd4d316e0cec642850a59723c6aff7d7f146352bb229a0aed8142c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:57:07 GMT
server: cloudflare
age: 3203770
etag: W/"610ae303-403"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 841a252eb83b9b7c-FRA

POST
H2 200 admin-ajax.php Show response
www.insauga.com/wp-admin/ 16 B
530 B 338ms
338ms XHR
text/html 2606:4700:20::681a:a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.insauga.com/wp-admin/admin-ajax.php

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.insauga.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQKVH55grHn5UEWM4pzL%2BzjTrfMAytWZ5NVQ%2FfeCZXXqkHrsRA4bAdi1ec%2FNjgO2uo0MV0K8F7IBt3QyvyLfWRr9PiZ5ICtyS9GoupSAaT2lMnEHFatlZLW8l9dEUq%2Br%2FNb9wu982NwhE9uTjA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
cf-ray: 841a252e99169a3f-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 187621-164323601241456.js Show response
js-sec.indexww.com/ht/p/ 33 KB
12 KB 240ms
41ms Script
text/javascript 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 07 Jan 2024 06:25:33 GMT
server: cloudflare
age: 80
etag: W/"904dc6-856b-60e55260e9e27"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 841a25305ce34528-TXL
expires: Sun, 07 Jan 2024 10:29:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 49ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85976c05de46ce57ed5573e315c75d3377b11c946683a4ee81d6092a59032f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 07 Jan 2024 05:17:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Jan 2024 06:29:14 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
439 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 07 Jan 2024 06:29:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Jan 2024 06:29:14 GMT

GET
H2 200 OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 20 KB
5 KB 199ms
47ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3472228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4023
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-4e34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9EJSqhpek280ijgSbIkY9zULyKHBktdk4A%2B%2BSXQoGGx%2B2f5Tu1xdpVF8VXzAvMZb4qwhASZNNkV24g%2F1hu8HM%2FRT5ei9NOTTya1GxbxRyr1adhRIhNVL1j4OT%2BggQflVKlxVrzuYOLixwdL%2BCgdvXV5"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 841a25306a6137fc-FRA
expires: Fri, 27 Dec 2024 06:29:14 GMT

GET
H2 200 OverlayScrollbars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame 1CCF 53 KB
20 KB 182ms
48ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3380778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20502
last-modified: Wed, 16 Dec 2020 13:04:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fda05e7-d208"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fesqtn4Wb7dtClIR4cGR6NP95Q3NJrXeHpH3E%2B53daYa1tfIWVKbQMUMldxhwSiKL7jU6cVf%2BDnJhLzczREt3YfuFUXKwm7RCvL%2FsApmEUa8OPDtJoy1FfO0qxuo4l7rbxWHHYzpMshbEHMT4CaIduhq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 841a25306a6237fc-FRA
expires: Fri, 27 Dec 2024 06:29:14 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
126 KB 184ms
56ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128925
x-xss-protection: 0
expires: Sun, 07 Jan 2024 06:29:14 GMT

GET
H3 200 prebid.js Show response
embed.sendtonews.com/library/prebid/8.6.0/ Frame 1CCF 443 KB
140 KB 40ms
39ms Script
application/javascript 108.138.26.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3e6adbda65d2903f09a41c14896d338479636be883f23fd9c22cfdecdadcd26

Request headers

Referer: https://www.insauga.com/
Origin: https://www.insauga.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: i3B_jjvrdw.lF4dn27SHtSate1_g8CWu
content-encoding: gzip
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 06:39:58 GMT
last-modified: Wed, 29 Nov 2023 21:48:59 GMT
server: AmazonS3
age: 85758
x-amz-cf-pop: FRA56-P7
etag: W/"4b9ce2a8c4f2b111ada55ff0f82ba870"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: e6po4Mu7gU7BY49YU1GSOmEhhcPDOiqM8NeFbf0_XC2-sOLtM2AOJw==

GET
H2 200 ppid.js Show response
cdn-ima.33across.com/ 10 KB
4 KB 165ms
34ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ppid.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 19:21:46 GMT
server: cloudflare
age: 296628
etag: W/"65833eca-2947"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 841a253058784522-TXL
expires: Wed, 10 Jan 2024 06:29:14 GMT

GET
H3 200 comScore.gt.min.js Show response
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame 1CCF 335 KB
59 KB 44ms
44ms Script
application/javascript 108.138.26.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-76.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Referer: https://www.insauga.com/
Origin: https://www.insauga.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: ..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding: gzip
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
date: Sun, 07 Jan 2024 01:27:27 GMT
last-modified: Thu, 13 Apr 2023 16:36:13 GMT
server: AmazonS3
age: 18113
x-amz-cf-pop: FRA56-P7
etag: W/"4a51b8991a6b67323936c2eb62e3518e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: sOLlTUJHvnH7RcFepjulosSLqGEch2xlMECFg31pGuP3dnKdzJddXQ==

GET
H2 200 reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 1 KB
1 KB 171ms
40ms Image
image/png 18.66.97.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:37:01 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 49934
etag: "cb93bb50e5d021cc38de445a672c18a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1094
x-amz-cf-id: W_WsDEJGnNiCjcDFVCRVprySqYcbmD6OjIJ2GVI-Zz_dsUDfBBDOkA==

GET
H2 200 facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 322 B
665 B 172ms
41ms Image
image/png 18.66.97.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 20:50:57 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 34704
etag: "311cf2edc46e82f2a6911332b7db54e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 322
x-amz-cf-id: iA0hwBx_JV4eFIjuEU0LtV2yStiSSL8Famvk-rQPR_lCE9O44-6nqA==

GET
H2 200 twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 832 B
1 KB 172ms
42ms Image
image/png 18.66.97.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 01:17:55 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 18686
etag: "8be584e844dabfe22970a0cb943c047e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 832
x-amz-cf-id: 9Vtc2XMdbg9ncvP1Rov3B-BuuVzrCpdoYS2epOEj_2Ba3n7y9gT2OQ==

GET
H2 200 email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 773 B
1 KB 173ms
43ms Image
image/png 18.66.97.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:37:05 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 20:07:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 49933
etag: "4bd445ddc3f9d6101690e15cfc1a04f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 773
x-amz-cf-id: PQV6GjxqwQYXLV1zwj2biOylm_XTkgep4PclZJgYXrs7-Gdv6aEiag==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 1CCF 282 KB
70 KB 165ms
45ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:13:13 GMT
content-encoding: gzip
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 962
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 4b7wqw01W0TAqpW95b46lIhs93rXG0MshGPGx88_EeF4Ztc74gMLZw==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
187 B 376ms
118ms Ping
image/gif 54.87.72.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=oAhkC7ZY45cByAbQ&instance=979865&version=7.29.5-A&age=240107&cmd=PRE_INIT&key=dDWgnTNM&seq=1&order=1&vIndex=0&absoluteTime=1536.1&relativeTime=0.3&canonical=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&EXTREF=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&REF=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.72.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-72-75.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:15 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H3 200 data_read.php Show response
embed.sendtonews.com/player4/ 35 KB
6 KB 180ms
179ms Fetch
text/html 108.138.26.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=oAhkC7ZY45cByAbQ&instance=979865&version=7.29.5-A&age=240107&ESG_key=dDWgnTNM&type=FULL&EXTREF=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&REF=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&ogSet=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-76.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 8e289976ace530c79a85b95aad1e6434afd5dc5417b35e2ec1a8d54214dd2760

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:14 GMT
content-encoding: gzip
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P7
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1
alt-svc: h3=":443"; ma=86400
content-length: 5554
x-amz-cf-id: K0_O-THHDEKhtj9mluauuW2j89u4bsKKjJd0Du2Y8N1wKFKvHYDQ4g==
expires: Sun, 07 Jan 2024 06:29:15 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 120 KB
22 KB 1792ms
1686ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&srcUrl=https%3A%2F%2Fwww.insauga.com%2Ffeed&idx=0&rand=82569&widgetJSId=GS_1&va=true&et=true&format=html&px=180&py=3357&vpd=2157&cw=923&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010574&sig=8S7EqnTy&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a68d6c2c0caa12b714b991d6756de301a40459b3d4035426fe7cf87a10434db5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 07 Jan 2024 06:29:16 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1704608955.087890,VS0,VE1646
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21955-LGA, cache-fra-eddf8230052-FRA
x-traceid: 5f1e6cf89d1f138c03ac406e5d9d473a
accept-ranges: bytes
content-length: 21894
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 496ms
115ms XHR
application/json 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1704608954821&sessionId=b5977954-eef9-e00c-2fe0-b1ee75de45ec&url=www.insauga.com&cheqSource=1&cheqEvent=3&responseTime=399
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Jan 2024 06:29:15 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: d4aa9fe475183a8ab541ca6940471821
Content-Length: 4
Expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 145ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HWZRD1G07G&gtm=45je4130v868991718z8839960732&_p=1704608954072&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=975722933.1704608955&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704608954&sct=1&seg=0&dl=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&dt=New%20package%20delivery%20scam%20hits%20Ontario%20%7C%20insauga&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1592
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HWZRD1G07G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 06:29:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.insauga.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 54ms
53ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2136796882&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&ul=en-us&de=UTF-8&dt=New%20package%20delivery%20scam%20hits%20Ontario%20%7C%20insauga&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Rotation&ea=Ad%20View&el=Article%20-%20Below%20Related%20Posts%20-%200x0&_u=YADAAEABAAAAACAAI~&jid=1142492207&gjid=924875288&cid=975722933.1704608955&tid=UA-26412431-1&_gid=642987685.1704608955&_r=1&_slc=1&gtm=45He4130n81K8X3BQZv839960732&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1761291767

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 06:29:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.insauga.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
743 B 159ms
44ms Image
image/svg+xml 2600:9000:2156:aa00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 09:00:30 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA50-C1
age: 1718926
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 301
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "c6e9be45643e197ce1db1d7e24a99adc"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: NxNjV1PCSY7eN7gv3HWypSqIf-hrMREIajqE3_cuRBpZRv8c8SrmTw==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 368 B
777 B 157ms
42ms Image
image/svg+xml 2600:9000:2156:aa00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:26:32 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 15 Sep 2023 16:58:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 164
x-amz-server-side-encryption: AES256
etag: "2deb3d5121d475d195577a70b0a91a0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 368
x-amz-cf-id: 1clrCtxcoLUsVSzORREtkJLmSsAptrwWfj1cIfl-9UaroAcE4BEIAQ==

GET
H2 200 linkedin.svg
platform-cdn.sharethis.com/img/ 456 B
899 B 158ms
43ms Image
image/svg+xml 2600:9000:2156:aa00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/linkedin.svg

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 10:33:05 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA50-C1
age: 1799770
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 456
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "fa43b4ede18498b114fc7185993f6da7"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: C5EnSYOoM-PuOPGvEo3BLMizexOZMcggXyZmvZGpDkoo1aLxFzAHqg==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 155ms
41ms Image
image/svg+xml 2600:9000:2156:aa00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/whatsapp.svg

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:aa00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 17:49:45 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 1859971
etag: "afe7fc60ed757db39a88d2950fce69c9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 832
x-amz-cf-id: IDiU56h9zihvMufO_DawHxHjemBojSwXp2itMNNTo2oVd7tTU8UPew==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 148ms
48ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-26412431-1&cid=975722933.1704608955&jid=1142492207&gjid=924875288&_gid=642987685.1704608955&_u=YADAAEAAAAAAACAAI~&z=1958240526

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 07 Jan 2024 06:29:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.insauga.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
351 B 148ms
49ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 07 Jan 2024 06:29:15 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.insauga.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
422 B 176ms
54ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 99ec023e92bb79bd87284d69f5c61747b5ed657320c6488bdf3f89062413c7db

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 07 Jan 2024 06:29:15 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.insauga.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Tue, 06 Feb 2024 06:29:15 GMT

GET
H2 403 / Show response
id.sv.rkdms.com/identity/ 72 B
231 B 401ms
128ms XHR
application/json 34.206.99.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.insauga.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.99.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-99-162.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 6851edc0fca6eb99fa5fa083c37055fb96b62567bcd4730305e755e4cc0ab82a

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.insauga.com
date: Sun, 07 Jan 2024 06:29:15 GMT
access-control-allow-credentials: true
server: awselb/2.0
content-length: 72
vary: Accept-Encoding
content-type: application/json

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 121ms
118ms Ping
image/gif 54.87.72.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=oAhkC7ZY45cByAbQ&instance=297979865&version=7.29.5-A&age=240107&cmd=GET&key=dDWgnTNM&c_id=13951&seq=1&order=2&vIndex=0&absoluteTime=2000.4&relativeTime=464.6&canonical=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&EXTREF=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&REF=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&playerCfg=FL&playerType=FLOAT&serverHost=embed.sendtonews.com
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.72.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-72-75.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:15 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 0_7.29.4.js Show response
player.sendtonews.com/bidderFiles/ 4 KB
2 KB 158ms
42ms Script
application/javascript 18.245.60.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.sendtonews.com/bidderFiles/0_7.29.4.js
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1496e19cbae1f57865ce25d8d72caadd2195fabb9d9f19d18a10849c370371e1

Request headers

Referer: https://embed.sendtonews.com/
Origin: https://www.insauga.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 2miqZZojvdExFC3PxaxRBVo7Q1zv7LHP
content-encoding: gzip
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront), 1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 23:54:26 GMT
x-amz-cf-pop: FRA56-P7, FRA60-P5
age: 24015
x-cache: Hit from cloudfront
last-modified: Tue, 19 Dec 2023 00:53:14 GMT
server: AmazonS3
etag: W/"51b151e3905514740fdc9f430b3c6d1b"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id: e28QYhEkmfcnovTwm8gHZ-4Xcxhq2Mc-6__U5oGQcdehZ3QQg1aByA==

GET
H2 200 3216018203444450565959fb65df761.30518545.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 32 KB
32 KB 126ms
46ms Image
image/jpeg 18.66.97.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/3216018203444450565959fb65df761.30518545.jpg
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f77ec033c86324c47a1bf511d6f2e17fedb22b73bb42678f8d8607de6554b0a

Request headers

Referer: https://www.insauga.com/
Origin: https://www.insauga.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 18:19:28 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 43787
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 32578
last-modified: Wed, 03 Jan 2024 17:58:08 GMT
server: AmazonS3
etag: "0727d24e9c0c9d8b4cf3396c55486cc2"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: SxiRPUyBJCH97-JUkyuEE45xLuPsuAtTcF8o1cemowImCTihYONorg==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 119ms
118ms Ping
image/gif 54.87.72.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=oAhkC7ZY45cByAbQ&instance=297979865&version=7.29.5-A&age=240107&cmd=RTP&key=dDWgnTNM&c_id=13951&seq=1&order=3&vIndex=0&absoluteTime=2005.7&relativeTime=469.9&sC_ID=13951&sm_id=3283693&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&REF=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&playerCfg=FL&playerType=FLOAT&DS=found&eg.enabled=false&eg.delay=23&eg.ctdwn=7&eg.vl=30&eg.mid=rm&eg.source=p6&eg.time=false
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.72.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-72-75.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:15 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.insauga.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:42:39 GMT
x-content-type-options: nosniff
age: 258396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 06:42:39 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.insauga.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:59:49 GMT
x-content-type-options: nosniff
age: 422966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 08:59:49 GMT

GET
H2 200 32040681994266002658ee97e583708.37806485.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 14 KB
15 KB 114ms
101ms Image
image/jpeg 18.66.97.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/32040681994266002658ee97e583708.37806485.jpg
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d61a8d3e6da67e46b816cf6641bbb3ad7b3ad3623b9fe268012f045d5d5c8281

Request headers

Referer: https://www.insauga.com/
Origin: https://www.insauga.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:10:54 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1102
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 14508
last-modified: Fri, 29 Dec 2023 15:46:14 GMT
server: AmazonS3
etag: "4cd8665a744e01e63a680d935081905a"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 6eKYcjWT_ERSVNTDsnEgbi8rrS6fv6ZpDZDxB_3CSOERtcqPzGzlUA==

GET
H2 200 32024531604282183658de519bb3c23.60107574.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 37 KB
37 KB 98ms
86ms Image
image/jpeg 18.66.97.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/32024531604282183658de519bb3c23.60107574.jpg
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b07dfb6bbc7bdae7c0d91f35a0f2a5d40e5c7d66341b78d477a212c5d8c46046

Request headers

Referer: https://www.insauga.com/
Origin: https://www.insauga.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:27:58 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 3678
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 37520
last-modified: Thu, 28 Dec 2023 21:14:53 GMT
server: AmazonS3
etag: "eef347b530a095d91d443ec4fbacc0b1"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: vYKZimmcF5-l3wfyvkI1xyJ_ADjccqMOaArI3PF2vMk244GS1S9lcg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 1CCF 6 KB
3 KB 128ms
42ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
date: Sun, 07 Jan 2024 06:10:54 GMT
x-amz-cf-pop: FRA56-P6
age: 1102
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: lqzAfBD9vy3L_0wXQak11PtSSSKkJ_R50ZHJFgGVlzQYcQG9LRdI-w==

GET
H2 200 6c3f03cd-6fa8-4477-ac05-2c0f4f8da092 Show response
config.aps.amazon-adsystem.com/configs/ Frame 1CCF 564 B
830 B 153ms
40ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: d2288c575a997b8e3c506f2d9d6ee20a12c9592d66a98404f58100369797c939

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:00:30 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1725
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: 8_I2dYb_Pav2MBPuLAWkWXY4uEGKpPyDSUrIqTIF2mc8Y0D1Ltzczg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 1CCF 1006 B
1 KB 41ms
41ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.insauga.com&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: fd8e6d26ae464a400f3c77955c4d426cec2d159f514c30ff72f9155f6e606a15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 03:12:19 GMT
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 11815
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.insauga.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1006
x-amz-cf-id: vYaMtCH4hYA2x3kg1QMRlGv7LQ-JfRNXO6hPO_Y7lRMcJ9nbKJRZhg==

GET
H2 200 3216018203444450565959fb65df761.30518545playlist.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 610 B
1 KB 70ms
70ms XHR
application/x-mpegurl 18.66.97.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/3216018203444450565959fb65df761.30518545playlist.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ec83c8ce8f8e1e52e2bb1e0c193b5ba4db12933cc5d962b02ad33127f4ffb66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 18:19:27 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 43789
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 610
last-modified: Wed, 03 Jan 2024 17:58:07 GMT
server: AmazonS3
etag: "f28641fd5bf69ca94178b431524f0f9b"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: cTOr5AON8DnvXXKVeXF2Pm6ptFBqFEBRS-xMwpSZmpQ3q9-KJTh2UA==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 140ms
115ms Ping
image/gif 54.87.72.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=oAhkC7ZY45cByAbQ&instance=297979865&version=7.29.5-A&age=240107&cmd=IMA&key=dDWgnTNM&c_id=13951&seq=1&order=4&vIndex=0&absoluteTime=2119.7&relativeTime=583.9&EXTREF=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&REF=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&playerCfg=FL&recoveryMethod=NONE&imaVersion=3.609.1&blocked=false&recovered=false&hasAdParams=true&imaAttempt=1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.72.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-72-75.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:15 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 bridge3.609.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame C977 751 KB
240 KB 51ms
42ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insauga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 488864
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 245986
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 01 Jan 2024 14:41:31 GMT
expires: Tue, 31 Dec 2024 14:41:31 GMT
last-modified: Mon, 18 Dec 2023 19:42:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 145ms
50ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jan 2024 06:29:15 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 12BF 40 KB
14 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 07 Jan 2024 06:36:27 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ 4 KB
2 KB 184ms
65ms Fetch
text/xml 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2C22604498342%2Finsauga-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2631244&plcmt=2&vid=3283693&us_privacy=false&cust_params=sessionKey%3D297979865-oAhkC7ZY45cByAbQ%26schain%3Dstnvideo.com%2CSTN_0004188%26content%3D13951%26placementType%3DPremium%26embed%3DdDWgnTNM%26domain%3Dinsauga.com%26player_size%3Dsmall%26player_width%3D923%26player_height%3D519%26player_type%3Dfloat%26smartmatch%3Dno%26version%3D7.29.5-A%26player_status%3DLVFNSNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00449%26rand%3D19%26uhr%3D07%26us_privacy%3Dfalse%26keywchk%3Dok

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd4dd4e5892b33b487c3a8b06ed9a74dd52baab48d93a1ece81eeca249f86708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 977
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://www.insauga.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/ 158 KB
44 KB 52ms
51ms Script
text/javascript 2600:9000:214f:dc00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=insauga.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/insauga.com/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:dc00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c31b1c28a5c2eb512c04004dc1f3961a4a4e72f1faeda9cc1f18f5718c486bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:40:49 GMT
content-encoding: gzip
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 06 Dec 2023 23:27:11 GMT
server: AmazonS3
etag: W/"50f82c7ed55d2acc412a5ede5e7b40f6"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: 4NSlj-S0GPg3-EyJ826n8rdV0NVMn3tjlCGrx-XOM7QpksNz8riHgA==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 147ms
49ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-26412431-1&cid=975722933.1704608955&jid=1142492207&_u=YADAAEAAAAAAACAAI~&z=270535847

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 06:29:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 148ms
51ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-26412431-1&cid=975722933.1704608955&jid=1142492207&_u=YADAAEAAAAAAACAAI~&z=270535847

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 06:29:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3216018203444450565959fb65df761.30518545.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 658 B
1 KB 45ms
40ms XHR
application/x-mpegurl 18.66.97.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/3216018203444450565959fb65df761.30518545.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e13983382fe35bcbe41996389c027223cda8278e84e6882f00073bf75caf4a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 18:19:28 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 43788
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 658
last-modified: Wed, 03 Jan 2024 17:58:07 GMT
server: AmazonS3
etag: "d1dee3ecfcfce0e2ae15c47a7071c752"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: huM7T8b39S-neIq6Yyy-_G58T1IPFF9st9i1-N3AzNjHHCf81FYQBw==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 1CCF 54 KB
17 KB 140ms
40ms Script
application/javascript 23.67.137.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:15 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sun, 07 Jan 2024 06:44:15 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ Frame 1CCF 55 KB
10 KB 158ms
50ms Script
application/javascript 2606:4700:10::ac43:246e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&ref=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&_it=amazon&partner_id=694
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:15 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CC8G5F16RM7B26
age: 5076
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 841a253518b9bb37-FRA
x-amz-id-2: HXRUR8HjAo6USwQLdtHY+PYQf8tGuqDCh/+7XnINsX6lV9HyCEeo0/fdHmm/D8O2xprGCoT8y84=

GET
H2 200 3216018203444450565959fb65df761.30518545base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 2 KB
2 KB 41ms
40ms TextTrack
text/vtt 18.66.97.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/3216018203444450565959fb65df761.30518545base.en.vtt
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec89ccaac2e1a198b9e8f198457116a0a5c57329bdb108af520bc8d4ff08704e

Request headers

Referer: https://www.insauga.com/
Origin: https://www.insauga.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 18:19:42 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 43774
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1863
last-modified: Wed, 03 Jan 2024 17:58:24 GMT
server: AmazonS3
etag: "16766d2f59c2658a45914d58f63144cc"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: text/vtt
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges: bytes
x-amz-cf-id: KFWgqa73zvbh4rj6bZ_fg_2sCrs7qSFmL0CWtAukYFeEN8_bP0GOAg==

GET
H2 200 3216018203444450565959fb65df761.30518545-00001.ts Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 575 KB
576 KB 50ms
49ms XHR
video/mp2t 18.66.97.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/3216018203444450565959fb65df761.30518545-00001.ts
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1616173d9515695df4688a4d8487478860ea0036019a07903a8c0128a263716

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 18:24:28 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 43488
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 588816
last-modified: Wed, 03 Jan 2024 17:57:38 GMT
server: AmazonS3
etag: "7dce0b0deb21e99127e79d8095ca79ba"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: Bnp4nHd6IVAOIzTa1qIK5eWU4VwsvudJp5f-TnQIT5kfw1KuUTXlEg==

GET
H2 200 cmp-list.json Show response
cmp.inmobi.com/GVL-v2/ 12 KB
3 KB 128ms
45ms XHR
application/json 2600:9000:214f:dc00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=insauga.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:dc00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dec66aad114813b197bee33870310cbe37e7c038431e18c343374d6f87e9fcef

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 03:00:44 GMT
content-encoding: br
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 12512
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sun, 07 Jan 2024 03:00:42 GMT
server: AmazonS3
etag: W/"e18318d8b763b6006d98a361b3e82350"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: d19Ome-nGrYUzjFjl1QncBtc1Ie9j8qNQbfCiT3gAhLvdz86ZoKDAQ==

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 163ms
45ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.insauga.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.insauga.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sun, 07 Jan 2024 06:29:15 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 1CCF 23 B
465 B 204ms
78ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&pid=ytuauTeCzdStv&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!stnvideo.com%2CSTN_0004188%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:15 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: XPXYK0GEBMDZB0TWWN4S
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.insauga.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 57MGmxbNLSRwBs0POiV5TvB9zaCH4zAfkJcDXU-uX81DHvXK_OoMdQ==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 1CCF 0
113 B 163ms
51ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.insauga.com
date: Sun, 07 Jan 2024 06:29:15 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 1CCF 19 B
543 B 147ms
43ms XHR
application/json 18.193.236.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0&referrer=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&tmax=3000&us_privacy=1---

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.193.236.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-236-213.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 06:29:15 GMT
accept-ch: sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch
x-auction-status: 16
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.insauga.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 1CCF 173 B
467 B 154ms
41ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ca02d2666d068383bc177fa134f2d47c97e84057b83064ca45b8d29c7c97035a

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.6.0
Content-Type: application/json
access-control-allow-origin: https://www.insauga.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 169
Expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 1CCF 36 B
541 B 195ms
124ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=438214
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 671e5939d376a46283e075a1d021e2207809da3bccf32388f41a7a6be247ab8b

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 06:29:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEuOnWKG277%2BBr9xZJ7IBMntfJ3naHftrn2qyM9K38C95jY158nhlEf%2B0o7cGvU9IeHtFtlHz92r09tvV2zcP3hMJvPzTtUQSL5FnHY072W99MOU8nWxRR72Ks38pu472fiVVrmI"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.insauga.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 841a253678426a76-TXL
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 hb Show response
hb.undertone.com/ Frame 1CCF 0
520 B 411ms
313ms XHR
text/plain 13.32.121.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3590&domain=insauga.com&ccpa=1---
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 06:29:16 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.insauga.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-amz-cf-id: hLhSHjNngdKQjjf_q5bD1DhXNyABV3HHtEwrSf61lWGW63YTxAEMkQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 1CCF 144 B
1 KB 225ms
120ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

1e0e919d66084056f606f99cf4fc77bc0a8760f8ccd08d6652a860a06851c3a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 06:29:16 GMT
an-x-request-uuid: 0bfd9554-18e7-4812-ad74-020874a7c91c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.insauga.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.100; 80.255.7.100; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ Frame 1CCF 11 B
205 B 142ms
48ms XHR
application/json 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.insauga.com
pragma: no-cache
date: Sun, 07 Jan 2024 06:29:16 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11
content-type: application/json

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ Frame 1CCF 96 B
287 B 141ms
140ms XHR
application/json 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=694&sync=0&domain=www.insauga.com&url=https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&ref=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&_it=amazon&partner_id=694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5da8e3e0b730ebd639c028669a8c7f83c4c738d0a822cb17d0298aa76f1bd1d

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 07 Jan 2024 06:29:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 841a2537ff1c65c7-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 275ms
150ms Preflight
application/json 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=694&sync=0&domain=www.insauga.com&url=https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.insauga.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 841a2536fe9365c7-FRA
content-length: 0
content-type: application/json
date: Sun, 07 Jan 2024 06:29:16 GMT
debug: OPTIONS block
expires: Mon, 06 Jan 2025 06:29:16 GMT
server: cloudflare

GET
H2 200 cmp2ui-en.js Show response
cmp.inmobi.com/tcfv2/50/ 279 KB
73 KB 48ms
47ms Script
text/javascript 2600:9000:214f:dc00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=insauga.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:dc00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6fc381fc8274a8e05c221c15702c0c523d1937fc0719a1d4a9e95cc804c560f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:09:20 GMT
content-encoding: gzip
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1195
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Wed, 06 Dec 2023 23:27:04 GMT
server: AmazonS3
etag: W/"1140e593a3bca4a411e76bddf0dcac5d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: 3L-c1lFwsX4tVRkXE9OV2_E8kzIuWa8FWeVE_jl9wjP6RF-mYoIz9g==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v2/ 360 KB
48 KB 48ms
47ms XHR
application/json 2600:9000:214f:dc00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=insauga.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:dc00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4ccfefd002e8a40c5098e4f0d4327d5d55f7d8b6eb80cb52a5bbd190e772f33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 23:59:31 GMT
content-encoding: gzip
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 23389
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 Jan 2024 23:59:19 GMT
server: AmazonS3
etag: W/"e2bcee663677e0a88f6ed90c9cd0c496"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: RhyITxYnvWuAy-XRyz_AUEwI54zERetEEq9epwtBNWm9NwalxgRYQQ==

GET
H2 200 google-atp-list.json Show response
cmp.inmobi.com/tcfv2/ 142 KB
33 KB 92ms
92ms XHR
application/json 2600:9000:214f:dc00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=insauga.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:dc00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd500dc338e9ea802f0122e9b5586953327acb1a431dacc95010011e55e935de

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 03:00:26 GMT
content-encoding: br
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 12530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sun, 07 Jan 2024 03:00:24 GMT
server: AmazonS3
etag: W/"218b11c379118f06891bfb95c7aa4503"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: SHjuUgolVp5mgI_r9q_Kuq23cyAGMESkcPwZ_SuXCwKRzyaE_2R3VQ==

GET
H2 200 3216018203444450565959fb65df761.30518545.m3u8 Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/2000k/ 659 B
1 KB 42ms
40ms XHR
application/x-mpegurl 18.66.97.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/2000k/3216018203444450565959fb65df761.30518545.m3u8
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd402a1bc74812413ab3e4c4e477de426081dd4b7f9836863ae6e360489869dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 18:53:32 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 41744
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 659
last-modified: Wed, 03 Jan 2024 17:58:07 GMT
server: AmazonS3
etag: "fce200e93cbe7abc585c0c211ad5a201"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: HLO8R5e4U2-HFbZZl4RN8AC8uLaTd2hujP-3faqud-uMY0iDfEkwLQ==

GET
H2 200 / Show response
api.cmp.inmobi.com/ 2 B
101 B 200ms
39ms XHR
text/plain 35.158.251.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22www.insauga.com%22%2C%22publisher%22%3A%22insauga.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.50%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%226cvIXga2DJSmmFvXn78YBw%22%2C%22tagVersion%22%3A%22V2%22%2C%22gvlVersion%22%3A2%2C%22clientTimestamp%22%3A1704608956048%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-ciav0nqfqw3zwf1zng4o%22%7D
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/50/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.158.251.159 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-251-159.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 07 Jan 2024 06:29:16 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/qVgGLBgMibU/ 9 KB
10 KB 45ms
41ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/qVgGLBgMibU/hqdefault.jpg

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

157d6523f90673c330132adaa6da084978050691fa435ce52f67ab498472d4c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:12:49 GMT
x-content-type-options: nosniff
age: 4587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9685
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 07:12:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/_GhgvEVwQFw/ 19 KB
19 KB 105ms
103ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/_GhgvEVwQFw/hqdefault.jpg

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508bb0ea10e79108ad1d7d9e49b5bb7a79482f9bf88377bebc5ff33bde4c5133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:12:49 GMT
x-content-type-options: nosniff
age: 4587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19400
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 07:12:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/uv9tbSmc4aI/ 14 KB
14 KB 124ms
122ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/uv9tbSmc4aI/hqdefault.jpg

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d0a95830a56dd5f50904c5b513897af86671bcc13d493994c3ac60ff5bb511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:12:49 GMT
x-content-type-options: nosniff
age: 4587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14390
x-xss-protection: 0
server: sffe
etag: "1703187514"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 07:12:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/whL-tvhea6I/ 17 KB
17 KB 128ms
126ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/whL-tvhea6I/hqdefault.jpg

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fdabcf1013e79d3ee3e5156bbde84d091362cba11095e687b32affbbe99a514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:12:49 GMT
x-content-type-options: nosniff
age: 4587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17345
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 07:12:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/PHb8bItodN0/ 9 KB
9 KB 118ms
116ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/PHb8bItodN0/hqdefault.jpg

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28119464cf936ccce42bcf7bd8bfd50beef58fd90fdaf7d4ddda15126df3b3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:12:49 GMT
x-content-type-options: nosniff
age: 4587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8800
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 07:12:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/iqm4_aXBcFc/ 24 KB
24 KB 51ms
50ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/iqm4_aXBcFc/hqdefault.jpg

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d53e4d8d9996346bb5a2694af76d4140cc903483522f076fd46ac6fd691c3b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:12 GMT
x-content-type-options: nosniff
age: 304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24302
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 08:24:12 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/9nuXFoJmz14/ 17 KB
17 KB 135ms
134ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/9nuXFoJmz14/hqdefault.jpg

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

170c16f59fccb161c35f0408753ca635531d2436b843a407cd8d071008c27461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:12:49 GMT
x-content-type-options: nosniff
age: 4587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17018
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 07:12:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/XFOSnPuRx40/ 16 KB
16 KB 91ms
90ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/XFOSnPuRx40/hqdefault.jpg

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98e43f03fa178ea670392d7a870b89f89ff7794e58ec7e380dff7b25435cd789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:12:49 GMT
x-content-type-options: nosniff
age: 4587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16303
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 07:12:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/D0C0om1CEB4/ 19 KB
19 KB 70ms
69ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/D0C0om1CEB4/hqdefault.jpg

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb0a90737ad62dc45fa55d46bcfa0f48ab03268e8bb65a3fcaf64ae9458b9f84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:12:49 GMT
x-content-type-options: nosniff
age: 4587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19239
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 07:12:49 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 119ms
118ms Ping
image/gif 54.87.72.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=oAhkC7ZY45cByAbQ&instance=297979865&version=7.29.5-A&age=240107&ldt=BIDS&key=dDWgnTNM&c_id=13951&seq=1&order=5&vIndex=0&absoluteTime=2973&relativeTime=1437.2&sm_id=3283693&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=13951&load=1&status=LVFNLNIY&ac_id=2008&bidIndex=1&prebid.cid=0&prebid.bidders.pubmatic.time=180.1&prebid.bidders.triplelift.time=151.9&prebid.bidders.rubicon.time=170.5&prebid.bidders.ix.time=251.1&prebid.bidders.undertone.time=413.8&prebid.bidders.appnexus.time=245.2&prebid.bidders.unruly.time=309.3&prebid.start=2539.5&prebid.time=432.3&prebid.timeout=3000&adIndex=-1
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.72.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-72-75.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:16 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 694 Show response
a.ad.gt/api/v1/u/matches/ Frame 1CCF 12 KB
4 KB 779ms
376ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/694?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&ref=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&_it=amazon&partner_id=694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b8169422d556a255ed9864afb2ee3d7e1e48c53a654abef8d9b6a01a1954e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:17 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sun, 07 Jan 2024 06:23:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 841a253b59ba3651-FRA

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C977 124 B
125 B 139ms
50ms XHR
text/xml 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?slotname=%2F92056281%2Finsauga-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D297979865-oAhkC7ZY45cByAbQ%26schain%3Dstnvideo.com%2CSTN_0004188%26content%3D13951%26placementType%3DPremium%26embed%3DdDWgnTNM%26domain%3Dinsauga.com%26player_size%3Dlarge%26player_width%3D923%26player_height%3D519%26player_type%3Dfloat%26smartmatch%3Dno%26version%3D7.29.5-A%26player_status%3DLVFNLNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00449%26rand%3D8%26uhr%3D07%26us_privacy%3Dfalse%26keywchk%3Dok&url=https%3A%2F%2Fwww.insauga.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=250000&vrid=1263268&us_privacy=1---&hl=en&cmsid=2631244&plcmt=2&vconp=2&video_doc_id=3283693&vpa=auto&vpmute=1&cnc=22604498342&kfa=0&tfcd=0&sdkv=h.3.609.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=1855202715&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=2DAC06A4-71CA-4BCD-9651-CE82659344CC&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806074&top=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&loc=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&dlt=1704608953637&idt=2061&dt=1704608956776&correlator=3108242880728258&scor=3217857420328327&ged=ve4_td3_tt1_pd3_la1000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 43ms
43ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 06 Feb 2024 06:29:16 GMT
date: Sun, 07 Jan 2024 06:29:16 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
356 B 485ms
116ms Fetch
text/plain 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=6d48dd3ccdcff71bfa453eaeed1edc0b_56542_1704608955156&tm=2377&eT=0&widgetWidth=923&widgetHeight=45&widgetX=180&widgetY=4142&wRV=2010574&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=1965&oo=true&lo=1076&obreq=929&mvreq=1546&mvres=3509&cet=4g&to=1704608953274&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 07 Jan 2024 06:29:17 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 0777a0aa59ed0d7f183a71df787c55f1
Content-Length: 6

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
356 B 472ms
119ms Fetch
text/plain 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=742a3e24ffd98ccf7dadfa837faabd22_56542_1704608955300&tm=2402&eT=0&widgetWidth=917&widgetHeight=472&widgetX=183&widgetY=4199&wRV=2010574&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1076&obreq=929&mvreq=1546&mvres=3533&re=3546&cet=4g&cs=5&to=1704608953274&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 07 Jan 2024 06:29:17 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 6a3c10fbd1710f47c3ad23af4fd43220
Content-Length: 6

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ 48 KB
18 KB 179ms
45ms Script
text/javascript 2600:9000:2057:de00:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:de00:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 19:25:07 GMT
content-encoding: gzip
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA6-C1
age: 39849
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 18460
x-amz-cf-id: aGBbC0FxIWnqNsOi6DwhYTs3Rm8iwSgAhqmXH3X_r97zuFyMNvcgVg==
expires: Sun, 07 Jan 2024 07:25:07 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
356 B 460ms
115ms Fetch
text/plain 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=7efc39818b3e80be7bba570676fbaa70_56542_1704608955410&tm=2417&eT=0&widgetWidth=917&widgetHeight=373&widgetX=183&widgetY=4695&wRV=2010574&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1076&obreq=929&mvreq=1546&mvres=3533&re=3564&cet=4g&cs=5&to=1704608953274&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 07 Jan 2024 06:29:17 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 35ca0369c75fa033df8af5b94e757e6d
Content-Length: 6

GET
H2 200 clip.js Show response
widgets.outbrain.com/nanoWidget/2010574/module/ 1 KB
1 KB 56ms
38ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2010574/module/clip.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 845ee33c9bbfa837612164284a396dc93d990635aecbe3331128dd8561a5d892

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sun, 07 Jan 2024 06:29:16 GMT
content-encoding: gzip
content-length: 709
last-modified: Tue, 02 Jan 2024 12:51:55 GMT
server: AkamaiNetStorage
etag: "71929055e0902e690267b61a60d3c087:1704202522.881286"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sun, 14 Jan 2024 06:29:16 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
356 B 461ms
116ms Fetch
text/plain 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=4cdffa5bf1e7e75732e0105bb1013984_56542_1704608956248&tm=2422&eT=0&widgetWidth=917&widgetHeight=472&widgetX=183&widgetY=5092&wRV=2010574&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1076&obreq=929&mvreq=1546&mvres=3533&re=3568&cet=4g&cs=5&to=1704608953274&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 07 Jan 2024 06:29:17 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 3fd0ed79beb44d4e5db722a46c382ded
Content-Length: 6

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
356 B 472ms
120ms Fetch
text/plain 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=f18ef4fd0a7e5a0fc5afa8e53cbb4abd_56542_1704608956366&tm=2426&eT=0&widgetWidth=917&widgetHeight=472&widgetX=183&widgetY=5588&wRV=2010574&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1076&obreq=929&mvreq=1546&mvres=3533&re=3573&cet=4g&cs=5&to=1704608953274&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 07 Jan 2024 06:29:17 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 26a7330f78d79a7390f031861a9bddb3
Content-Length: 6

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
356 B 471ms
120ms Fetch
text/plain 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=d40c0d48966829483152824f7fd98a92_56542_1704608956606&tm=2431&eT=0&widgetWidth=917&widgetHeight=472&widgetX=183&widgetY=6084&wRV=2010574&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1076&obreq=929&mvreq=1546&mvres=3533&re=3577&cet=4g&cs=5&to=1704608953274&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 07 Jan 2024 06:29:17 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 301ba48dd5553099871f7faef0db3e17
Content-Length: 6

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 179 KB
40 KB 785ms
785ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&srcUrl=https%3A%2F%2Fwww.insauga.com%2Ffeed&idx=1&rand=20441&widgetJSId=AR_64&va=true&et=true&format=html&t=MmFkN2M5MzhjMDc4ZDUzMmQzNzU1MjFkMDVhOTBiZjE=&clid=b5977954-eef9-e00c-2fe0-b1ee75de45ec&fdu=www.insauga.com&px=0&py=2400&vpd=1200&cw=1600&em=1&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&wdr-cosc=1&activeTab=true&version=2010574&sig=8S7EqnTy&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 046b64ddc8ea0a532721b4bb1cd04943d500221a6df40096989fd46bfc5a9c75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 07 Jan 2024 06:29:17 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1704608957.909547,VS0,VE745
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga13627-LGA, cache-fra-eddf8230052-FRA
x-traceid: 9accfbcb112d5ba3c86d0f8a601e43b3
accept-ranges: bytes
content-length: 40648
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
8 KB 41ms
39ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 06 Feb 2024 06:29:16 GMT
date: Sun, 07 Jan 2024 06:29:16 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "b79638966e0374c455e78107aee59bf4:1701762092.299136"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7647
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 eyJpdSI6ImRlMGQ3OWFlNjEyYmI1MjBmNjNhOWIwMGNmNTQ1OTRjYmFmNzFjNmJjYjU1YWI1NmU5NmEzNzUxMDdiZTQ3NTIiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 48 KB
48 KB 160ms
50ms Image
video/mp4 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRlMGQ3OWFlNjEyYmI1MjBmNjNhOWIwMGNmNTQ1OTRjYmFmNzFjNmJjYjU1YWI1NmU5NmEzNzUxMDdiZTQ3NTIiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:17 GMT
last-modified: Tue, 10 Oct 2023 09:33:41 GMT
access-control-allow-methods: GET,POST
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=649025
access-control-allow-credentials: false
x-traceid: 3833dd60ff21abb3d316a807a6fcbb8e
timing-allow-origin: *, *
content-length: 392419

GET
H2 200 eyJpdSI6IjQ1YzExY2UyOWQ3ZDlhOTE2OGU5Mjg1NDlhZWQ1MGU2OTI2ZWE0OWM3NTJhYjRlMDA5YTczNmE3OTAxYTA2ZmUiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 16 KB
16 KB 295ms
186ms Image
video/mp4 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ1YzExY2UyOWQ3ZDlhOTE2OGU5Mjg1NDlhZWQ1MGU2OTI2ZWE0OWM3NTJhYjRlMDA5YTczNmE3OTAxYTA2ZmUiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:17 GMT
last-modified: Thu, 05 Oct 2023 13:01:09 GMT
access-control-allow-methods: GET,POST
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=348174
access-control-allow-credentials: false
x-traceid: 6455565577c738655de977c46e7647cd
timing-allow-origin: *, *
content-length: 368825

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2136796882&t=pageview&_s=1&dl=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&ul=en-us&de=UTF-8&dt=New%20package%20delivery%20scam%20hits%20Ontario%20%7C%20insauga&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=975722933.1704608955&tid=UA-26412431-1&_gid=642987685.1704608955&gtm=45He4130n81K8X3BQZv839960732&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cg1=Latest%20News&cg2=Ontario&cg3=Home%20Page&cd2=Home%20Page&tcfd=1000h&z=292960060

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 13:40:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 60556
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
40ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 13:40:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 60556
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 eyJpdSI6ImFiOTJhYTFmYjk5MjBmZTdiYTcxOGJhYTgwNzU5YTZmNjllZDhiMmVkZTE1M2MyYWZhMzY4YTUwZWI5MmNkNGYiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 4 KB
4 KB 143ms
40ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImFiOTJhYTFmYjk5MjBmZTdiYTcxOGJhYTgwNzU5YTZmNjllZDhiMmVkZTE1M2MyYWZhMzY4YTUwZWI5MmNkNGYiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5058203de32e3626f90c1f784b2a68fc00c32ab66616398b2e7d3029ed3462b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:17 GMT
last-modified: Sun, 17 Dec 2023 14:02:14 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2168914
access-control-allow-credentials: false
x-traceid: d347ecd23116dda4006c3ed4d4c6eadd
timing-allow-origin: *, *
content-length: 4186

GET
H2 200 eyJpdSI6IjY1ZTZmOTM4ZmVjYzExODVkN2Q1NTk4ZDNlMGU0OTcxZjNjNTI1ZjM0ZWMzYjBjYzg4MGU4MzUwZDdkZjk1NjYiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 10 KB
11 KB 355ms
253ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjY1ZTZmOTM4ZmVjYzExODVkN2Q1NTk4ZDNlMGU0OTcxZjNjNTI1ZjM0ZWMzYjBjYzg4MGU4MzUwZDdkZjk1NjYiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 93b59db38ce853da5cf8b6f13c55330a8e353f496174077483cc38de8a8ccb75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:17 GMT
last-modified: Thu, 23 Nov 2023 06:44:50 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2118710
access-control-allow-credentials: false
x-traceid: 6fe8fbd082504117cc46b82704b0d5ac
timing-allow-origin: *, *
content-length: 10634

GET
H2 206 eyJpdSI6IjQ1YzExY2UyOWQ3ZDlhOTE2OGU5Mjg1NDlhZWQ1MGU2OTI2ZWE0OWM3NTJhYjRlMDA5YTczNmE3OTAxYTA2ZmUiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 360 KB
361 KB 353ms
254ms Media
video/mp4 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ1YzExY2UyOWQ3ZDlhOTE2OGU5Mjg1NDlhZWQ1MGU2OTI2ZWE0OWM3NTJhYjRlMDA5YTczNmE3OTAxYTA2ZmUiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5db0a646608d4b9d7677306f991f9f3c68c206af130dcad053309ef4d5f87531

Request headers

Referer: https://www.insauga.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 07 Jan 2024 06:29:17 GMT
last-modified: Thu, 05 Oct 2023 13:01:09 GMT
access-control-allow-methods: GET,POST
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-368824/368825
cache-control: max-age=348174
access-control-allow-credentials: false
x-traceid: 6455565577c738655de977c46e7647cd
timing-allow-origin: *, *
Content-Length: 368825

GET
H2 206 eyJpdSI6ImRlMGQ3OWFlNjEyYmI1MjBmNjNhOWIwMGNmNTQ1OTRjYmFmNzFjNmJjYjU1YWI1NmU5NmEzNzUxMDdiZTQ3NTIiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 383 KB
384 KB 323ms
224ms Media
video/mp4 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRlMGQ3OWFlNjEyYmI1MjBmNjNhOWIwMGNmNTQ1OTRjYmFmNzFjNmJjYjU1YWI1NmU5NmEzNzUxMDdiZTQ3NTIiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cb06b63b4733960de982c0899dc24359280719b9e8598c265d2c5a2ced1ba18f

Request headers

Referer: https://www.insauga.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 07 Jan 2024 06:29:17 GMT
last-modified: Tue, 10 Oct 2023 09:33:41 GMT
access-control-allow-methods: GET,POST
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-392418/392419
cache-control: max-age=649025
access-control-allow-credentials: false
x-traceid: 3833dd60ff21abb3d316a807a6fcbb8e
timing-allow-origin: *, *
Content-Length: 392419

POST
H2 204 csi
csi.gstatic.com/ Frame C977 0
234 B 191ms
58ms Ping
image/gif 2a00:1450:4008:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lr345s04&c=1693367340180&slotId=846683670090&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4008:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 06:29:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 125ms
125ms Ping
image/gif 54.87.72.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=oAhkC7ZY45cByAbQ&instance=297979865&version=7.29.5-A&age=240107&ldt=NO_IMP&key=dDWgnTNM&c_id=13951&seq=1&order=6&vIndex=0&absoluteTime=3654&relativeTime=2118.2&sm_id=3283693&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=13951&load=1&status=LVFNLNIY&ac_id=2008&adIndex=-1&DS=found&prebidABS=G&prebidABC=[[1,%22control_mod_del%22],[1,%22bidder_mod%22,%220_mod%22],[1,%22bidder_del%22,%220_del%22]]&eg.enabled=false&eg.delay=23&eg.ctdwn=7&eg.vl=30&eg.mid=rm&eg.source=p6&eg.time=false
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.72.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-72-75.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:16 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 p
sb.scorecardresearch.com/ Frame 1CCF 43 B
301 B 144ms
40ms Image
image/gif 18.245.60.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1704608955284&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=79647&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=3283693&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1704608956930&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1646&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Insauga&c3=sendtonews&c4=News&c6=*null&c7=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&c8=&c9=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-76.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:17 GMT
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: apCSn48pgUBnulfDlrB-Y13xwqzjdT8Yr4NCCYZXXCnV4PmS_BEc1A==

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 117ms
117ms Ping
image/gif 54.87.72.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=oAhkC7ZY45cByAbQ&instance=297979865&version=7.29.5-A&age=240107&cmd=INV&key=dDWgnTNM&c_id=13951&seq=1&order=7&vIndex=0&absoluteTime=3667.9&relativeTime=2132.1&alt=0&sC_ID=13951&sm_id=3283693&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&REF=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&playerCfg=FL&playerType=FLOAT
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.72.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-72-75.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:17 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

POST
H2 200 stn_trk.gif
s2l.sendtonews.com/ 26 B
186 B 118ms
117ms Ping
image/gif 54.87.72.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s2l.sendtonews.com/stn_trk.gif?session=oAhkC7ZY45cByAbQ&instance=297979865&version=7.29.5-A&age=240107&cmd=PLAY&key=dDWgnTNM&c_id=13951&seq=1&order=8&vIndex=0&absoluteTime=3668.2&relativeTime=2132.4&alt=0&sC_ID=13951&sm_id=3283693&load=1&status=LVFNLNIY&ac_id=2008&EXTREF=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&REF=https://www.insauga.com/new-package-delivery-scam-hits-ontario/&playerCfg=FL&playerType=FLOAT&pposition=float&floattype=s
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.72.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-72-75.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:17 GMT
last-modified: Wed, 23 Dec 2020 21:38:39 GMT
server: Apache/2.4.41 (Ubuntu)
accept-ranges: bytes
etag: "1a-5b72883b37f80"
content-length: 26
content-type: image/gif

GET
H2 200 show_pla Show response
flint.defybrick.com/ 3 KB
2 KB 400ms
127ms Script
text/javascript 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=74160720112190106200856022222005048659317826101301696906870784286757&nc=0&tsf=0&tsfmi=&pv=0&cb=1704608957109&ref=&pit=1&hl=3&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=570513631&at=&bid=e30%3D&di=W1siZWYiLDU4MDNdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6MjEsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTAy%0D%0AMTQ5ODkxLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVl%0D%0AKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAg%0D%0AICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAg%0D%0AICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAg%0D%0AICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFi%0D%0AbGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAg%0D%0AIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAg%0D%0AIH1dIl0sWy0xLCItIl0sWy0yLCI2LGVBSFdYMS9mM3F6Q3Zia3V5bVF3Z2xJYUYzcEVzUkVFVHBv%0D%0AVmRGVkJRUXBSY1JCRlNLSUlnaVJJcjBLaEpScXBTQXRDQWtRSHBJenliYlhwbVpyLzUvZDk2Ynpj%0D%0AdVNBUEovR3QiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJw%0D%0AYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJd%0D%0ALFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxb%0D%0ALTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwib2c6dGl0bGVcIixcIm9n%0D%0AOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOnRpdGxlXCIsXCJ0d2l0dGVyOmRlc2NyaXB0aW9uXCIs%0D%0AXCJhcHBsZS1tb2JpbGUtd2ViLWFwcC10aXRsZVwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJd%0D%0ALFstMTQsIntcIm9cIjowLjA0NDI4MDQ0MjgwNDQyODA0fSJdLFstMTUsIi0iXSxbLTE2LCIwIl0s%0D%0AWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwi%0D%0ALVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwi%0D%0ALFwiLVwiXSJdLFstMjAsIjk3NTcyMjkzMy4xNzA0NjA4OTU1Il0sWy0yMSwiOFM3RXFuVHkiXSxb%0D%0ALTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYs%0D%0AIntcInRqaHNcIjo1NjgwMDAwMCxcInVqaHNcIjo0MjEwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAw%0D%0AfSJdLFstMjcsIlswLDkuOCwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwi%0D%0Ae1widlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAsMiwwLDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJb%0D%0AXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFst%0D%0AMzUsIlsxNzA0NjA4OTU3MDgzLC0xXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywi%0D%0ALTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwtMSwwLDAsMjMsMCwwLDg1LDMzOCw4OTAsMCw5NDYu%0D%0ANiw5NDYuNiwzODEwLDM4MTEiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0%0D%0Ac2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQw%0D%0ALCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAw%0D%0AMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiLSJdLFstNDYsIjAiXSxbLTQ3LCJF%0D%0AdXJvcGUvQmVybGluLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxb%0D%0AImJuY2giLDc4XV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A180%2C%22y%22%3A4142%2C%22w%22%3A922%2C%22h%22%3A1933%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=FzigVs12be&sdd=%7B%7D&pto=3837
Requested by: Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 9366360718b3875cf80cf5ee1c88df2b51af9add4e3aae9c23460f0bc08540d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Sun, 07 Jan 2024 06:29:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1723
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ 43 B
79 B 118ms
117ms Image
image/gif 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00126aeac135e24e8f9a9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60635f578aee5d5eb474fbd408dbd39e821da61c45085052aae2d05f91e46042cce5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82e1808f77f69a8991d7aefdaf264ec57a917f0dd07c74cccd17cc22a2984db7299779ac0e1f08bb9e64d28a427e7bca9205237b9d76294b046e7431002d45c0f8481d79f81b2c527df21d6deedc85ec54d5814aa5f0ddbc6951970d3bd73fa02b0c31b9227f527161e529c60b80ddb94f47bbfd23fc34aa7c19ccc7780191c2de84b011f75456fc4bb66b709d5c18869a99970b2822fdb8beafb7ac0b6e0516d6a8ff9450bcab60a554dfee7f425b965c4ae0dadb971ad6ebc23c106c61ed6b42e854f76a7f1cc74353c7c1168574e1dc1fc856cd203ab46525e28fab353c29b100fe2bbddbca06fc1e4f8e180f8aeed56493cff5b9bb55f6e9f5e631bd57f40706cf67baf6a04c3ebc163897cca248bab2ccba410987b0f21271e61129cc0e4d32066549a184695cfc4bab0ca500482adbc7d96cc7167c5d3123c6dff8dc45721b7238243821be33f9e12b6d401aba838f0effdc0845530fdea3a7f9033f79fbaaf0a8e2f615443c12a300ff4fd1bd6b243d893df8a11989b95704e254dbe70&cb=1704608957520&cri=FzigVs12be
Requested by: Host: www.insauga.com
URL: https://www.insauga.com/new-package-delivery-scam-hits-ontario/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Sun, 07 Jan 2024 06:29:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2136796882&t=pageview&_s=1&dl=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&ul=en-us&de=UTF-8&dt=New%20package%20delivery%20scam%20hits%20Ontario%20%7C%20insauga&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=975722933.1704608955&tid=UA-26412431-1&_gid=642987685.1704608955&gtm=45He4130n81K8X3BQZv839960732&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cg1=Latest%20News&cg2=Ontario&cg3=Home%20Page&cd2=Home%20Page&tcfd=1000h&z=2107569625

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 13:40:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 60557
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 152ms
64ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.insauga.com
URL: https://www.insauga.com/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=4e06d1a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-jT1theu22hEVm_2WrhLaMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 07 Jan 2024 06:29:17 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/ 216 KB
67 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4752
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68492
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 05:10:05 GMT

GET
H3 200 e7dE4wZiAog Show response
www.youtube.com/embed/ Frame 0D00 95 KB
40 KB 121ms
116ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/e7dE4wZiAog?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f18ca014cd18149a764c032ac5dff780737a6643d1de23bbee94c9c36df8e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insauga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-78amITzwHwxY5zkR03Nh2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 06:29:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qVgGLBgMibU Show response
www.youtube.com/embed/ Frame 6530 94 KB
40 KB 171ms
167ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/qVgGLBgMibU?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c953cc35bf5d5c29dbbaaf0c4accb29b1723a064b87d40b2a34be245a0331da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insauga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-HEnuAsicLoFmu7YwHbEyeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 06:29:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 _GhgvEVwQFw Show response
www.youtube.com/embed/ Frame 1B11 94 KB
40 KB 184ms
180ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/_GhgvEVwQFw?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=3

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8687ffc5bf64630ff87329d70d466cfb2d81802c3a11f10bb31517e3cef9b9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insauga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-s9YSChqfMR16WUNk2B66zA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 06:29:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 uv9tbSmc4aI Show response
www.youtube.com/embed/ Frame 09D6 96 KB
41 KB 179ms
175ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/uv9tbSmc4aI?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=4

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8406a39ecffe76d6c59aa7e43e3b3f0f98396cdadf1a29928ac6e7b693400870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insauga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-siBIAMoLCx9GQqSd4SpEMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 06:29:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 whL-tvhea6I Show response
www.youtube.com/embed/ Frame DADE 94 KB
40 KB 149ms
146ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/whL-tvhea6I?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=5

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65b8988521f5923860f5044d459304fd678f97b907a7bfe9fb9068177b751c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insauga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-agpbuLfyPMoR1d2tUMDUAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 06:29:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PHb8bItodN0 Show response
www.youtube.com/embed/ Frame 762E 94 KB
40 KB 95ms
92ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/PHb8bItodN0?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=6

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb37cf279b4443d7eecd55ec8b04b0007748f2b1754b15e9d7b160a18ccebb3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insauga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-4yu-P7PZFb8ttevP8b2Dqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 06:29:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 iqm4_aXBcFc Show response
www.youtube.com/embed/ Frame 6E5E 94 KB
39 KB 93ms
88ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/iqm4_aXBcFc?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=7

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ad3b65563d99bb490e7ded742156c036b9de5f48efc5cf688de6e2e81146c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insauga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-QG8WNrAYdGmdosrVojisKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 06:29:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9nuXFoJmz14 Show response
www.youtube.com/embed/ Frame 61F8 95 KB
40 KB 196ms
191ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/9nuXFoJmz14?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02c3c7c9da81463c8edf9498c970d77c93363b2456b663ef9ad27df5568d2bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insauga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-khVvMumIafuDPwc3iSoHAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 06:29:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 XFOSnPuRx40 Show response
www.youtube.com/embed/ Frame 0EE5 94 KB
40 KB 177ms
173ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/XFOSnPuRx40?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=9

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4e2bdc1dd02b7b32e0e26895ecf6d798def301edb7ea3767e1efbfdebd66927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insauga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-dfGyIVTGXjac9-f2X669Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 06:29:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 D0C0om1CEB4 Show response
www.youtube.com/embed/ Frame 514A 94 KB
40 KB 146ms
144ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/D0C0om1CEB4?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&feature=shared&widgetid=10

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6bcfaf5eadae0d1a950233a53197815f9f93a3f04201a54d689a9a6eb58bf94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.insauga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-1-yX85XqsddwuBy-isU_fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 06:29:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 762E 358 KB
46 KB 42ms
40ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PHb8bItodN0?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PHb8bItodN0?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 05:41:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 762E 52 KB
16 KB 47ms
43ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PHb8bItodN0?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:26:29 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 762E 322 KB
96 KB 49ms
45ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PHb8bItodN0?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 06:18:50 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 762E 2 MB
770 KB 54ms
50ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PHb8bItodN0?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 05:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Jan 2025 05:56:18 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 6E5E 358 KB
46 KB 43ms
42ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/iqm4_aXBcFc?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iqm4_aXBcFc?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 05:41:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 6E5E 52 KB
16 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iqm4_aXBcFc?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:26:29 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 6E5E 322 KB
96 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iqm4_aXBcFc?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 06:18:50 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 6E5E 2 MB
770 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iqm4_aXBcFc?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 05:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Jan 2025 05:56:18 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 0D00 358 KB
46 KB 49ms
46ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/e7dE4wZiAog?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/e7dE4wZiAog?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 05:41:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 0D00 52 KB
16 KB 67ms
64ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/e7dE4wZiAog?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:26:29 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 0D00 322 KB
96 KB 71ms
68ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/e7dE4wZiAog?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 06:18:50 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 0D00 2 MB
770 KB 72ms
70ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/e7dE4wZiAog?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 05:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Jan 2025 05:56:18 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame DADE 358 KB
46 KB 43ms
39ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/whL-tvhea6I?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/whL-tvhea6I?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 05:41:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame DADE 52 KB
16 KB 77ms
74ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/whL-tvhea6I?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:26:29 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame DADE 322 KB
96 KB 77ms
74ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/whL-tvhea6I?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 06:18:50 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame DADE 2 MB
770 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/whL-tvhea6I?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 05:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Jan 2025 05:56:18 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 514A 358 KB
46 KB 42ms
39ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/D0C0om1CEB4?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&feature=shared&widgetid=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/D0C0om1CEB4?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&feature=shared&widgetid=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 05:41:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 514A 52 KB
16 KB 76ms
74ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/D0C0om1CEB4?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&feature=shared&widgetid=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:26:29 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 514A 322 KB
96 KB 78ms
76ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/D0C0om1CEB4?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&feature=shared&widgetid=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 06:18:50 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 514A 2 MB
770 KB 82ms
80ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/D0C0om1CEB4?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&feature=shared&widgetid=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 05:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Jan 2025 05:56:18 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 6530 358 KB
46 KB 43ms
41ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qVgGLBgMibU?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qVgGLBgMibU?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 05:41:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 6530 52 KB
16 KB 74ms
72ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qVgGLBgMibU?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:26:29 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 6530 322 KB
96 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qVgGLBgMibU?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 06:18:50 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 6530 2 MB
770 KB 75ms
73ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qVgGLBgMibU?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 05:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Jan 2025 05:56:18 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 09D6 358 KB
46 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/uv9tbSmc4aI?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uv9tbSmc4aI?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 05:41:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 09D6 52 KB
16 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uv9tbSmc4aI?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:26:29 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 09D6 322 KB
96 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uv9tbSmc4aI?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 06:18:50 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 09D6 2 MB
770 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uv9tbSmc4aI?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 05:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Jan 2025 05:56:18 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 762E 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 198142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 762E 15 KB
15 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 468707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 1B11 358 KB
46 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_GhgvEVwQFw?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_GhgvEVwQFw?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 05:41:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 1B11 52 KB
16 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_GhgvEVwQFw?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:26:29 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 1B11 322 KB
96 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_GhgvEVwQFw?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 06:18:50 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 1B11 2 MB
770 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_GhgvEVwQFw?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 05:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Jan 2025 05:56:18 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 0EE5 358 KB
46 KB 44ms
43ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XFOSnPuRx40?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XFOSnPuRx40?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 05:41:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 0EE5 52 KB
16 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XFOSnPuRx40?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:26:29 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 0EE5 322 KB
96 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XFOSnPuRx40?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 06:18:50 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 0EE5 2 MB
770 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XFOSnPuRx40?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 05:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Jan 2025 05:56:18 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/4fd50162/ Frame 61F8 358 KB
46 KB 48ms
46ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9nuXFoJmz14?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9nuXFoJmz14?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 05:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47439
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 05:41:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 61F8 52 KB
16 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/embed.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9nuXFoJmz14?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16407
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:26:29 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4fd50162/www-embed-player.vflset/ Frame 61F8 322 KB
96 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9nuXFoJmz14?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Jan 2025 06:18:50 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 61F8 2 MB
770 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9nuXFoJmz14?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 05:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788601
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Jan 2025 05:56:18 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6E5E 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 198142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6E5E 15 KB
15 KB 62ms
61ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 468707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0D00 15 KB
15 KB 65ms
62ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 198142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0D00 15 KB
15 KB 73ms
71ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 468707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DADE 15 KB
15 KB 72ms
71ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 198142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DADE 15 KB
15 KB 77ms
77ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 468707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 514A 15 KB
15 KB 76ms
74ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 198142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 514A 15 KB
15 KB 78ms
76ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 468707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6530 15 KB
15 KB 82ms
78ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 198142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6530 15 KB
15 KB 92ms
88ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 468707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 09D6 15 KB
15 KB 97ms
92ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 198142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 09D6 15 KB
15 KB 99ms
95ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 468707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1B11 15 KB
15 KB 104ms
102ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 198142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1B11 15 KB
15 KB 111ms
108ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 468707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0EE5 15 KB
15 KB 139ms
137ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 198142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0EE5 15 KB
15 KB 101ms
100ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 468707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 61F8 15 KB
15 KB 91ms
84ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 198142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 61F8 15 KB
15 KB 98ms
92ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 468707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:31 GMT

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ Frame 1CCF 49 B
250 B 478ms
389ms XHR
application/json 35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a00003LiqV3AAJ&gdpr=0&src=pbjs&ver=8.6.0&coppa=0&us_privacy=1---
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Jan 2024 06:29:19 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.insauga.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame CF95 281 B
555 B 134ms
40ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.6.0/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.insauga.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 07 Jan 2024 06:29:19 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 762E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

47ms
47ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91f1705e80b5dca2ab8f89c255cc64aa87a7742fc25564109137cf2c6a205eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 07 Jan 2024 06:29:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 762E 29 B
495 B 144ms
40ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jan 2024 06:39:13 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 6E5E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

47ms
46ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

868ce6571a6cfac47ea934bd410ad71bfaf6152d856a806f7a617a94cbe8d8b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 07 Jan 2024 06:29:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 6E5E 29 B
89 B 104ms
40ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jan 2024 06:39:13 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 0D00
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

47ms
47ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25e2c0cbece7d325363255fd4928d82cbda7438cf9768a2b03e4b378946ae23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 07 Jan 2024 06:29:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0D00 29 B
89 B 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jan 2024 06:39:13 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame DADE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

47ms
47ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6100595bb8b7bcbd1032610b733cd1128a773077367ba007886337f01abb6b20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 07 Jan 2024 06:29:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame DADE 29 B
89 B 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jan 2024 06:39:13 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 61F8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

47ms
47ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c7d953f7b9414b800a3a4ffce521137061c29a3198c7cd9a063f061206d605a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 07 Jan 2024 06:29:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 61F8 29 B
89 B 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jan 2024 06:39:13 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CF95 45 KB
13 KB 42ms
42ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 094400fb43c70285180192f21c9f677821824153b56f4d886169102c35ecb443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 07 Jan 2024 06:29:19 GMT
Content-Encoding: gzip
Last-Modified: Sat, 06 Jan 2024 22:07:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=56190
Connection: keep-alive
Content-Length: 13174
Expires: Sun, 07 Jan 2024 22:05:49 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 514A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

48ms
47ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2aae0904358c4366a7aa713d28587f3087a974b2a2cbb75be5aebf5853e7c984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 07 Jan 2024 06:29:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 514A 29 B
89 B 41ms
39ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jan 2024 06:39:13 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 6530
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

48ms
48ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c7829313d69008a18e36a9fe23647bb9b0380a05dae298446b2e31a5dd7904e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 07 Jan 2024 06:29:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 6530 29 B
89 B 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jan 2024 06:39:13 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 09D6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

47ms
47ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96533d5156529a6949cd7d35d97488718d944682eab820e698240c11fd68383a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 07 Jan 2024 06:29:19 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 09D6 29 B
89 B 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jan 2024 06:39:13 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 152ms
48ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 762E 87 KB
40 KB 57ms
55ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d52e29407e6fefabadd79374fa4a0afe06d6a8e26f60f013d0502703caa6dcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41054
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 762E 116 KB
33 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PHb8bItodN0?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:27:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:27:36 GMT

GET
H2 200 sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js Show response
www.google.com/js/th/ Frame 762E 51 KB
20 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 04:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 04:37:10 GMT

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/PHb8bItodN0/ Frame 762E 46 KB
46 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/PHb8bItodN0/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgZShlMA8=&rs=AOn4CLAjZWQhH2Q9lvTrcEgeGhvhOviKBA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3eff327e2b315bf259663d33da93d13ee34d465e85ef4a01ee19b2972adf630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47417
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 08:24:13 GMT

GET
DATA 200
OK truncated
/ Frame 762E 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 762E 2 KB
2 KB 157ms
39ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

57bc67b59ea976f848f4c67f6eb2b0a0f662a0eab1901a6c60a19dff541a1e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:11:00 GMT
x-content-type-options: nosniff
age: 1100
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2039
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jan 2024 06:11:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 1B11
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

47ms
47ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29a6f3edd7781aa62ffe606e84c8dbd94f3f26d3323e3ccebd34df387685e344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 07 Jan 2024 06:29:20 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1B11 29 B
54 B 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jan 2024 06:39:13 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
46ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6E5E 87 KB
40 KB 55ms
55ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82d702e77d180a2c3061031d17ebdd4c64a5136f6e8eeef9aa81279240cc3957

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41044
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 6E5E 116 KB
33 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iqm4_aXBcFc?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:27:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:27:36 GMT

GET
H3 200 sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js Show response
www.google.com/js/th/ Frame 6E5E 51 KB
19 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 04:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 04:37:10 GMT

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/iqm4_aXBcFc/ Frame 6E5E 153 KB
153 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/iqm4_aXBcFc/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGE4gZSgoMA8=&rs=AOn4CLC_gALDi0FIiE0ATUamWpJW1s-vkg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de1effd04ca1a784ced631d1eaeac3340ef9735f00a2cbdaf745aa2d16c4a4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157058
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 08:24:13 GMT

GET
DATA 200
OK truncated
/ Frame 6E5E 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 6E5E 2 KB
2 KB 43ms
39ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

57bc67b59ea976f848f4c67f6eb2b0a0f662a0eab1901a6c60a19dff541a1e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:11:00 GMT
x-content-type-options: nosniff
age: 1100
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2039
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jan 2024 06:11:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 0EE5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

47ms
46ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e293e07ecd178236c8b7e9952c3f202c9ad2ea780f9ab00b5378bc5f4baac5b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 07 Jan 2024 06:29:20 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0EE5 29 B
54 B 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jan 2024 06:39:13 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 48ms
47ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0D00 87 KB
40 KB 60ms
60ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9bcdf2407e078af6286595ba9078fde2695d2d0d5e6c483a432fe9263fef78a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40841
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 0D00 116 KB
33 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/e7dE4wZiAog?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:27:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:27:36 GMT

GET
H3 200 sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js Show response
www.google.com/js/th/ Frame 0D00 51 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 04:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 04:37:10 GMT

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/e7dE4wZiAog/ Frame 0D00 100 KB
100 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/e7dE4wZiAog/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgQigyMA8=&rs=AOn4CLAUtiTLihLu1N6oJHtM8Wg_7pMjSw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

306c0c52f205c37a95511b7e9471d504fbe32058807709ed4a48562d440006cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:14 GMT
x-content-type-options: nosniff
age: 306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102255
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 08:24:14 GMT

GET
DATA 200
OK truncated
/ Frame 0D00 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 0D00 2 KB
2 KB 43ms
41ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

57bc67b59ea976f848f4c67f6eb2b0a0f662a0eab1901a6c60a19dff541a1e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:11:00 GMT
x-content-type-options: nosniff
age: 1100
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2039
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jan 2024 06:11:00 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
46ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DADE 87 KB
40 KB 55ms
54ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c441feecd4b048f63e62863fa1de42be63211483aea4088d094fb37683f11f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40974
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame DADE 116 KB
33 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/whL-tvhea6I?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:27:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:27:36 GMT

GET
H3 200 sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js Show response
www.google.com/js/th/ Frame DADE 51 KB
19 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 04:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 04:37:10 GMT

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/whL-tvhea6I/ Frame DADE 106 KB
106 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/whL-tvhea6I/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgRigvMA8=&rs=AOn4CLD8a-32tuWTJvR1Kalr1ncoBea96g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d8cb361adc67d7a894bc80555aa16ba037d106ec1b5eaf67d377da336bcdc6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108581
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 08:24:13 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
46ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 61F8 87 KB
40 KB 58ms
57ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ec886a92b7e11ba9d1c63b066968adaeaec60c97a061ddd6d85ef593f4f00e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40782
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 61F8 116 KB
33 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9nuXFoJmz14?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:27:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:27:36 GMT

GET
H3 200 sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js Show response
www.google.com/js/th/ Frame 61F8 51 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 04:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 04:37:10 GMT

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/9nuXFoJmz14/ Frame 61F8 95 KB
95 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/9nuXFoJmz14/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgVihTMA8=&rs=AOn4CLDQPbWuouVVa9MjjpMaMity1ba3Aw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94bf7f557da63975ec6378d765bbb820f5935911138db7e8308fe35c112820d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97435
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 08:24:13 GMT

GET
DATA 200
OK truncated
/ Frame DADE 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame DADE 2 KB
2 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

57bc67b59ea976f848f4c67f6eb2b0a0f662a0eab1901a6c60a19dff541a1e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:11:00 GMT
x-content-type-options: nosniff
age: 1100
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2039
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jan 2024 06:11:00 GMT

GET
DATA 200
OK truncated
/ Frame 61F8 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 61F8 2 KB
2 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

57bc67b59ea976f848f4c67f6eb2b0a0f662a0eab1901a6c60a19dff541a1e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:11:00 GMT
x-content-type-options: nosniff
age: 1100
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2039
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jan 2024 06:11:00 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 514A 87 KB
40 KB 55ms
55ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b03f40ec414c311cb314032b9d2b93585b730395d9388ed6130c0f03f7621eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40941
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 514A 116 KB
33 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/D0C0om1CEB4?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&feature=shared&widgetid=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:27:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:27:36 GMT

GET
H3 200 sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js Show response
www.google.com/js/th/ Frame 514A 51 KB
19 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 04:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 04:37:10 GMT

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/D0C0om1CEB4/ Frame 514A 116 KB
116 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/D0C0om1CEB4/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgVyhgMA8=&rs=AOn4CLBYZjy6LEwyz-3x3wQNMRD5vaMc2w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb837706d47762f352e246767f1bd81720853f4900c124c01e5efe326d223025

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118738
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 08:24:13 GMT

GET
DATA 200
OK truncated
/ Frame 514A 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 514A 2 KB
2 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

57bc67b59ea976f848f4c67f6eb2b0a0f662a0eab1901a6c60a19dff541a1e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:11:00 GMT
x-content-type-options: nosniff
age: 1100
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2039
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jan 2024 06:11:00 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 46ms
46ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6530 87 KB
40 KB 56ms
55ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27c699769c71345fe96bb11e8b0e2c1534d3ba5749c32e40362ff9d8ace30af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40886
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 6530 116 KB
33 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qVgGLBgMibU?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:27:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:27:36 GMT

GET
H3 200 sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js Show response
www.google.com/js/th/ Frame 6530 51 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 04:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 04:37:10 GMT

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/qVgGLBgMibU/ Frame 6530 58 KB
58 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/qVgGLBgMibU/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgZShlMA8=&rs=AOn4CLBSfNirHaP-9r7EoONuFDW_17qRfg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c976e38e42fe20d13e93fa618ef9b07458d4181083877d8582605f3468a7f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59188
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 08:24:13 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 09D6 87 KB
40 KB 55ms
54ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5414a40bede412f26c1eae14945a1fafb896eaf1b712d78b5492645e7c43cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40751
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 09D6 116 KB
33 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uv9tbSmc4aI?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:27:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:27:36 GMT

GET
H3 200 sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js Show response
www.google.com/js/th/ Frame 09D6 51 KB
19 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 04:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 04:37:10 GMT

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/uv9tbSmc4aI/ Frame 09D6 71 KB
71 KB 53ms
52ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/uv9tbSmc4aI/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgUSg9MA8=&rs=AOn4CLACO7FGPpWIup8bp_VsedRPa95GNA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99bcc2561587e02e5d4e695c8ed352583a274df3f5e0eba509f6ce46c8a77c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72830
x-xss-protection: 0
server: sffe
etag: "1703187514"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 08:24:13 GMT

GET
DATA 200
OK truncated
/ Frame 6530 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 6530 2 KB
2 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

57bc67b59ea976f848f4c67f6eb2b0a0f662a0eab1901a6c60a19dff541a1e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:11:00 GMT
x-content-type-options: nosniff
age: 1100
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2039
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jan 2024 06:11:00 GMT

GET
DATA 200
OK truncated
/ Frame 09D6 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 09D6 2 KB
2 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

57bc67b59ea976f848f4c67f6eb2b0a0f662a0eab1901a6c60a19dff541a1e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:11:00 GMT
x-content-type-options: nosniff
age: 1100
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2039
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jan 2024 06:11:00 GMT

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1B11 87 KB
40 KB 56ms
56ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

423d7e01ba565c452608d49d728e3c5d8cc3e4fb64f4d3eaffaf6affb3876a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40933
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 1B11 116 KB
33 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_GhgvEVwQFw?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:27:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:27:36 GMT

GET
H3 200 sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js Show response
www.google.com/js/th/ Frame 1B11 51 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 04:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 04:37:10 GMT

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/_GhgvEVwQFw/ Frame 1B11 110 KB
110 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/_GhgvEVwQFw/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgTyhHMA8=&rs=AOn4CLCtCLiwmed5eDyllFDNNwcsJqseHA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70d485940cae278ad4d7e1f9af89161d9d222394719fcf237eadd256a1ce0058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112928
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 08:24:13 GMT

GET
DATA 200
OK truncated
/ Frame 1B11 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 1B11 2 KB
2 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

57bc67b59ea976f848f4c67f6eb2b0a0f662a0eab1901a6c60a19dff541a1e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:11:00 GMT
x-content-type-options: nosniff
age: 1100
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2039
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jan 2024 06:11:00 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
46ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:21 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0EE5 87 KB
40 KB 54ms
54ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0aa4e3e02a934c359d23c9165b4dcf284c743d057cfb7788378a15465ad7de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40846
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/ Frame 0EE5 116 KB
33 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XFOSnPuRx40?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:27:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33708
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:44:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jan 2025 08:27:36 GMT

GET
H3 200 sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js Show response
www.google.com/js/th/ Frame 0EE5 51 KB
19 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/sLx6qsRU46GEe0D3YqweyWcV0efz1f9DxDQkuEUxY-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 04:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19840
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 04:37:10 GMT

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/XFOSnPuRx40/ Frame 0EE5 102 KB
102 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/XFOSnPuRx40/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgYSg1MA8=&rs=AOn4CLDQQCsKrj8NNCC_TpIp8kNetOVq-w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88e7e1f4d9b83d2015b8628d92956bf0cb349ec61a1727c9a6bbb5dfd37b6a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:24:13 GMT
x-content-type-options: nosniff
age: 308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104792
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 08:24:13 GMT

GET
DATA 200
OK truncated
/ Frame 0EE5 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 0EE5 2 KB
2 KB 59ms
59ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/3b7cLzBz3EA4gcodx1c3FxgBiA2OpBPF-jEXVtRWdoGX9yuOLZ3TVa6DqznnX5leNt_q-XdV=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

57bc67b59ea976f848f4c67f6eb2b0a0f662a0eab1901a6c60a19dff541a1e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:11:00 GMT
x-content-type-options: nosniff
age: 1101
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2039
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 08 Jan 2024 06:11:00 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:21 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 762E 90 B
134 B 50ms
49ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2343f4551ca5d13d4ee7db9f98c8b87d888bbb7e5a797607d7f7d8780807f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 48ms
47ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:21 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6E5E 90 B
134 B 50ms
50ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

254392a9911347b7266bf52591498fbc5236594ada040d0595e277e56e08b353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 157ms
156ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:21 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0D00 90 B
134 B 49ms
49ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

027a5800bd5ee1e2500fe8ea335c4c2a9f3774e28084f0261dca17cf6b8032af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 66ms
66ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:21 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DADE 90 B
134 B 49ms
49ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce9c9d474cb5c18bba0ed6cda18c2fc3bf0dd6ad469787836f7515836716d716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
46ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:21 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 61F8 90 B
134 B 51ms
49ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b9eb29c5f177ff881f515db7b2c873318b4143418b637b379e6105bf50b1054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:22 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 514A 90 B
134 B 50ms
50ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c9557f72f779bf56de1ab25a9c5f3edd32792c7a5cbfe772f80c2fa5f33e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:22 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6530 90 B
134 B 51ms
50ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a86f7f4d43de59320e9a03b13aae318da52bc06cd27bc6c689498b9acede42a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:22 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 09D6 90 B
134 B 50ms
49ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

edf145729e4ab6a85d82f6b4a44ae5e28c6812924f9921a9c9c6a7c90a5db7e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 3216018203444450565959fb65df761.30518545-00002.ts Show response
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/2000k/ 971 KB
973 KB 41ms
40ms XHR
video/mp2t 18.66.97.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/2000k/3216018203444450565959fb65df761.30518545-00002.ts
Requested by: Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.29.5-A/easy-stn-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1fb989d7f32c8e8fdb796eb519cc75aaf06a554be424e6982f3bb07d7ecd2fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 18:54:23 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 41700
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-disposition: attachment
content-length: 994332
last-modified: Wed, 03 Jan 2024 17:57:59 GMT
server: AmazonS3
etag: "790012e5664d10b870ad8047126aad86"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp2t
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: AjlK1KDPyEsiq5q8E118bzlIHYkPYz0om3rP2gx2g0NJnILD3-e-iw==

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
46ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:22 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1B11 90 B
134 B 50ms
50ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68620403b734a79f6df98c544f2c400474b2f851a6346bc62c81d0aa84ce8440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
46ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 07 Jan 2024 06:29:22 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0EE5 90 B
134 B 50ms
50ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

226d7c32887eff85a3de7eabb80e69e25c54602fd3f23ac4695732b772280bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H/1.1 200
OK khaos.json
token.rubiconproject.com/ Frame CF95 7 B
380 B 212ms
41ms XHR
application/json 69.173.144.138

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 762E 28 B
54 B 53ms
53ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704608962438
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/PHb8bItodN0?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=6
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHcUt3bGV5WWpXUSi-iemsBjIKCgJERRIEEgAgaQ%3D%3D
X-YouTube-Ad-Signals: dt=1704608959433&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C883%2C496&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 07 Jan 2024 06:29:22 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 6E5E 28 B
54 B 54ms
49ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704608962460
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/iqm4_aXBcFc?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=7
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHcUt3bGV5WWpXUSi-iemsBjIKCgJERRIEEgAgaQ%3D%3D
X-YouTube-Ad-Signals: dt=1704608959479&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C883%2C496&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 07 Jan 2024 06:29:22 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0D00 28 B
54 B 58ms
50ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704608962517
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/e7dE4wZiAog?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=1
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHcUt3bGV5WWpXUSi-iemsBjIKCgJERRIEEgAgaQ%3D%3D
X-YouTube-Ad-Signals: dt=1704608959359&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C883%2C496&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 07 Jan 2024 06:29:22 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame DADE 28 B
55 B 56ms
49ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704608962533
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/whL-tvhea6I?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=5
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHcUt3bGV5WWpXUSi-iemsBjIKCgJERRIEEgAgaQ%3D%3D
X-YouTube-Ad-Signals: dt=1704608959598&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C883%2C496&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 07 Jan 2024 06:29:22 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 61F8 28 B
55 B 58ms
50ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704608962569
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/9nuXFoJmz14?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=8
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHcUt3bGV5WWpXUSi-iemsBjIKCgJERRIEEgAgaQ%3D%3D
X-YouTube-Ad-Signals: dt=1704608959627&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C883%2C496&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 07 Jan 2024 06:29:22 GMT

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 762E 4 KB
2 KB 137ms
49ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 06:29:22 GMT

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 6E5E 4 KB
2 KB 122ms
64ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 06:29:22 GMT

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 0D00 4 KB
2 KB 113ms
67ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 06:29:22 GMT

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame DADE 4 KB
2 KB 117ms
81ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 06:29:22 GMT

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 61F8 4 KB
2 KB 86ms
56ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 06:29:22 GMT

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 514A 4 KB
2 KB 112ms
90ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 06:29:22 GMT

POST
H3 200 log_event
www.youtube.com/youtubei/v1/ Frame 514A 28 B
55 B 56ms
49ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704608962662
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/D0C0om1CEB4?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&feature=shared&widgetid=10
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHcUt3bGV5WWpXUSi-iemsBjIKCgJERRIEEgAgaQ%3D%3D
X-YouTube-Ad-Signals: dt=1704608959377&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C883%2C496&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 07 Jan 2024 06:29:22 GMT

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 6530 4 KB
2 KB 73ms
66ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 06:29:22 GMT

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 09D6 4 KB
2 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 06:29:22 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 762E 0
10 B 42ms
41ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?11KObA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/PHb8bItodN0?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PHb8bItodN0?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 1B11 4 KB
2 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 06:29:22 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 6E5E 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?iCLU8w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/iqm4_aXBcFc?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 0EE5 4 KB
2 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 06:29:22 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 0D00 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?XOdDpg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/e7dE4wZiAog?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/e7dE4wZiAog?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame DADE 0
12 B 40ms
39ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?mWxTrQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/whL-tvhea6I?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/whL-tvhea6I?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 log_event
www.youtube.com/youtubei/v1/ Frame 6530 28 B
56 B 52ms
52ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704608963033
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/qVgGLBgMibU?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=2
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHcUt3bGV5WWpXUSi-iemsBjIKCgJERRIEEgAgaQ%3D%3D
X-YouTube-Ad-Signals: dt=1704608959656&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C883%2C496&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 07 Jan 2024 06:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 07 Jan 2024 06:29:23 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 61F8 0
12 B 39ms
39ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?oKk_lQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/9nuXFoJmz14?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9nuXFoJmz14?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 514A 0
12 B 41ms
40ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?bpDGig
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/D0C0om1CEB4?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&feature=shared&widgetid=10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/D0C0om1CEB4?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&feature=shared&widgetid=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 6530 0
12 B 46ms
45ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?K79T0g
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/qVgGLBgMibU?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qVgGLBgMibU?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 09D6 0
12 B 40ms
39ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?8Xl7Wg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/uv9tbSmc4aI?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/uv9tbSmc4aI?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 49ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HWZRD1G07G&gtm=45je4130v868991718z8839960732&_p=1704608954072&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=1000h&cid=975722933.1704608955&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=2&sid=1704608954&sct=1&seg=1&dl=https%3A%2F%2Fwww.insauga.com%2Fnew-package-delivery-scam-hits-ontario%2F&dt=New%20package%20delivery%20scam%20hits%20Ontario%20%7C%20insauga&en=page_view&_et=2848&tfd=10125
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HWZRD1G07G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.insauga.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 06:29:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.insauga.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event
www.youtube.com/youtubei/v1/ Frame 09D6 28 B
56 B 51ms
51ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704608963401
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/uv9tbSmc4aI?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=4
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHcUt3bGV5WWpXUSi-iemsBjIKCgJERRIEEgAgaQ%3D%3D
X-YouTube-Ad-Signals: dt=1704608959463&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C883%2C496&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 07 Jan 2024 06:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 07 Jan 2024 06:29:23 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 1B11 0
12 B 40ms
38ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?vHXbrw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/_GhgvEVwQFw?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_GhgvEVwQFw?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 0EE5 0
12 B 40ms
39ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?vEToWw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/XFOSnPuRx40?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XFOSnPuRx40?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:29:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 log_event
www.youtube.com/youtubei/v1/ Frame 1B11 28 B
56 B 52ms
52ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704608963643
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_GhgvEVwQFw?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=3
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHcUt3bGV5WWpXUSi-iemsBjIKCgJERRIEEgAgaQ%3D%3D
X-YouTube-Ad-Signals: dt=1704608959585&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C883%2C496&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 07 Jan 2024 06:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 07 Jan 2024 06:29:23 GMT

POST
H3 200 log_event
www.youtube.com/youtubei/v1/ Frame 0EE5 28 B
56 B 58ms
51ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fd50162/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704608963678
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/XFOSnPuRx40?enablejsapi=1&origin=https%3A%2F%2Fwww.insauga.com&wmode=opaque&rel=0&start=0&end=0&modestbranding=1&playsinline=1&widgetid=9
X-YouTube-Client-Version: 1.20240102.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHcUt3bGV5WWpXUSi-iemsBjIKCgJERRIEEgAgaQ%3D%3D
X-YouTube-Ad-Signals: dt=1704608959590&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C883%2C496&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 07 Jan 2024 06:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 07 Jan 2024 06:29:23 GMT

GET
H3 200 cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 762E 50 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 16:35:36 GMT

GET
H3 200 cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 6E5E 50 KB
14 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 16:35:36 GMT

GET
H3 200 cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 6530 50 KB
14 KB 60ms
57ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 16:35:36 GMT

GET
H3 200 cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 61F8 50 KB
14 KB 66ms
64ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 16:35:36 GMT

GET
H3 200 cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 0D00 50 KB
14 KB 80ms
78ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 16:35:36 GMT

GET
H3 200 cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame DADE 50 KB
14 KB 91ms
89ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 16:35:36 GMT

GET
H3 200 cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 09D6 50 KB
14 KB 100ms
98ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 16:35:36 GMT

GET
H3 200 cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 514A 50 KB
14 KB 109ms
107ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 16:35:36 GMT

GET
H3 200 cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 1B11 50 KB
14 KB 114ms
112ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 16:35:36 GMT

GET
H3 200 cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 0EE5 50 KB
14 KB 120ms
119ms Script
text/javascript 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 07 Jan 2024 16:35:36 GMT

GET
H2 200 ppid
lexicon.33across.com/v1/ 49 B
101 B 140ms
140ms XHR
application/json 35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/ppid?pid=0015a00003LiqV3AAJ&ver=1.3.0&us_privacy=1---
Requested by: Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ppid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://www.insauga.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 07 Jan 2024 06:29:25 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.insauga.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onesignal.com/	1970-01-20 17:30:10	Name: __cf_bm Value: 497VkPtjVOQ8nA9o55ybFzQXWbGyGQIIw1L0.woYSjg-1704608954-1-Afda4hrQVjyXHWfRhKkEbW/haGyknrlCkQpgetGGuHWqzdfTlVEFPozgE7htB/xRNuWgOORfrVixkt4HNm8AgB0=
www.insauga.com/	1970-01-21 02:56:04	Name: _pk_id.1.6e1d Value: f10441d87e25239d.1704608954.
www.insauga.com/	1970-01-20 17:30:10	Name: _pk_ses.1.6e1d Value: 1
.pub.network/	1970-01-21 03:06:08	Name: _fsuid Value: 4d16ea1c-418e-4675-80c3-d1ba3f599fbe
.insauga.com/	1970-01-21 03:06:08	Name: _ga Value: GA1.2.975722933.1704608955
.insauga.com/	1970-01-20 17:31:35	Name: _gid Value: GA1.2.642987685.1704608955
.insauga.com/	1970-01-20 17:30:09	Name: _gat_UA-26412431-1 Value: 1
www.insauga.com/	1970-01-20 18:13:20	Name: _pbjs_userid_consent_data Value: 3524755945110770
.adnxs.com/	1970-01-21 03:06:08	Name: XANDR_PANID Value: cTUDr0VtEMrD52TdekrovpAxzIdy7dzCJOHcJCLYVudCQhdmKkdvAAnzfj3xOGdfCBaXX5kN9oaLYf6AwVZgsJKV3mHKG3MIJUXPkwVKoIQ.
.adnxs.com/	1970-01-20 19:39:44	Name: icu Value: ChgI99FAEAoYASABKAEwvInprAY4AUABSAEQvInprAYYAA..
.adnxs.com/	1970-01-20 19:39:44	Name: uuid2 Value: 4114248103763616704
.insauga.com/	1970-01-21 03:06:08	Name: _ga_HWZRD1G07G Value: GS1.1.1704608954.1.1.1704608957.0.0.0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Q3q_fcmB4Yw
.youtube.com/	1970-01-20 21:49:20	Name: VISITOR_INFO1_LIVE Value: GqKwleyYjWQ

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 503) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.insauga.com Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js(Line 1254) Message: Unrecognized feature: 'web-share'.
security	error	URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js(Line 1262) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.insauga.com').
security	error	URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js(Line 1262) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.insauga.com').
security	error	URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js(Line 1262) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.insauga.com').
security	error	URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js(Line 1262) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.insauga.com').
security	error	URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js(Line 1262) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.insauga.com').
security	error	URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js(Line 1262) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.insauga.com').
security	error	URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js(Line 1262) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.insauga.com').
security	error	URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js(Line 1262) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.insauga.com').
security	error	URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js(Line 1262) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.insauga.com').
security	error	URL: https://www.youtube.com/s/player/4fd50162/www-widgetapi.vflset/www-widgetapi.js(Line 1262) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.insauga.com').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.pub.network
aax.amazon-adsystem.com
api.cmp.inmobi.com
api.rlcdn.com
buttons-config.sharethis.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.hadronid.net
cdn.onesignal.com
cdnjs.cloudflare.com
cmp.inmobi.com
cmp.quantcast.com
config.aps.amazon-adsystem.com
csi.gstatic.com
d.pub.network
d29xw9s9x32j3w.cloudfront.net
embed.sendtonews.com
embedcdn.sendtonews.com
eus.rubiconproject.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.hadron.ad.gt
id.sv.rkdms.com
images.outbrainimg.com
imasdk.googleapis.com
jnn-pa.googleapis.com
js-sec.indexww.com
ka-p.fontawesome.com
kit.fontawesome.com
l.sharethis.com
lexicon.33across.com
log.outbrainimg.com
match.adsrvr.org
mcdp-nydc1.outbrain.com
mv.outbrain.com
optimise.net
pagead2.googlesyndication.com
platform-api.sharethis.com
platform-cdn.sharethis.com
player.sendtonews.com
polyfill.io
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
region1.google-analytics.com
rock.defybrick.com
s0.2mdn.net
s2l.sendtonews.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.doubleclick.net
stats.g.doubleclick.net
targeting.unrulymedia.com
tcheck.outbrainimg.com
tlx.3lift.com
token.rubiconproject.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.insauga.com
www.youtube.com
yt3.ggpht.com
104.18.35.167
108.138.1.25
108.138.26.76
108.138.9.235
13.32.121.90
13.32.27.80
146.75.118.132
151.101.1.26
172.64.149.180
172.64.151.101
18.193.236.213
18.245.60.23
18.245.60.76
18.66.97.101
185.64.189.112
2001:4860:4802:32::36
23.35.229.181
23.35.237.86
23.67.137.210
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:2057:de00:1a:ba5c:3900:93a1
2600:9000:206f:9a00:c:abe:f440:93a1
2600:9000:214f:dc00:1b:cadc:ef40:93a1
2600:9000:2156:aa00:1d:85c3:6640:93a1
2600:9000:2644:200:9:46dc:4700:93a1
2606:4700:10::6816:445
2606:4700:10::ac43:246e
2606:4700:20::681a:a5c
2606:4700:4400::ac40:93bc
2606:4700::6811:180e
2606:4700::6812:15ce
2606:4700::6812:d63b
2a00:1450:4001:806::2003
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:812::2006
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:827::200a
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:829::2016
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
2a00:1450:4008:805::2003
2a00:1450:400c:c00::9c
3.120.45.29
34.111.152.239
34.120.133.55
34.160.152.31
34.206.99.162
35.158.251.159
35.244.193.51
37.252.171.85
46.228.174.115
52.223.40.198
54.87.72.75
69.173.144.137
69.173.144.138
70.42.32.127
95.101.149.233
99.86.4.128
005f0120f2ab186b949156b6f2871dbc5d6a6149cdab6c7738524c863f9b89cb
0271e782d0e49674121fe3f5e703dfbff44ed8de8b8625a006eeb4a9702724d7
027a5800bd5ee1e2500fe8ea335c4c2a9f3774e28084f0261dca17cf6b8032af
02c3c7c9da81463c8edf9498c970d77c93363b2456b663ef9ad27df5568d2bc0
02ff9ab9217afbaacb4ccd2a48d03c83161ba8126c0a1ffea3598b2946817880
046b64ddc8ea0a532721b4bb1cd04943d500221a6df40096989fd46bfc5a9c75
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
05e55d3f3f705314388e03d10535d8c0c352757f7fc68af42f5346fb5b87b3fc
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
094400fb43c70285180192f21c9f677821824153b56f4d886169102c35ecb443
0b8169422d556a255ed9864afb2ee3d7e1e48c53a654abef8d9b6a01a1954e43
0c953cc35bf5d5c29dbbaaf0c4accb29b1723a064b87d40b2a34be245a0331da
0e1029c010bf3ffffddf8526d41c53a774fc89bc5c35fe0a83a43ae5432b499d
0ec83c8ce8f8e1e52e2bb1e0c193b5ba4db12933cc5d962b02ad33127f4ffb66
0ed9fdec151d0a5cf34aaf03c954f151076c478014e356401ee6b5b99ae6632e
11f4b1c5b48fa0100ba180a2e7ffc3296a59ecd4b210351bb452130979c8582c
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
1496e19cbae1f57865ce25d8d72caadd2195fabb9d9f19d18a10849c370371e1
157d6523f90673c330132adaa6da084978050691fa435ce52f67ab498472d4c9
1691b9fe6668e680bc136a8a6bdaf2cceb06382166d6be799c295cf621ba365e
16b920c3cc475810e74ee3a99f0282715622f04cf65bceed1717a988cf43702b
16bc0856c3e9eb74118b11fa6a87b0d8ef2ddc25760008fe4ce6010ba2a8618f
170c16f59fccb161c35f0408753ca635531d2436b843a407cd8d071008c27461
1b1817b94f0d250b352f05343bad8c799ae0d9590a369cbf42f8104e4dcce5e3
1c9557f72f779bf56de1ab25a9c5f3edd32792c7a5cbfe772f80c2fa5f33e53a
1c976e38e42fe20d13e93fa618ef9b07458d4181083877d8582605f3468a7f7e
1e0e919d66084056f606f99cf4fc77bc0a8760f8ccd08d6652a860a06851c3a8
1fb989d7f32c8e8fdb796eb519cc75aaf06a554be424e6982f3bb07d7ecd2fc4
1fdabcf1013e79d3ee3e5156bbde84d091362cba11095e687b32affbbe99a514
204f9715c5160102ee1963b4e87592d839d884a8e074c2ae19c527ec51575b70
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13
22165c1c34db362aa926dd117f24696f8a0038694d3867620d146ff33edc7078
226d7c32887eff85a3de7eabb80e69e25c54602fd3f23ac4695732b772280bf9
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
254392a9911347b7266bf52591498fbc5236594ada040d0595e277e56e08b353
2564e45a79a215ad3bca0b98c107a21f5952a438be50675a72026ad1d739801c
25e2c0cbece7d325363255fd4928d82cbda7438cf9768a2b03e4b378946ae23a
263625688b2b0af7a02a3ed002f34511e699ead71794ab04a42a40722cd5a8a1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27c699769c71345fe96bb11e8b0e2c1534d3ba5749c32e40362ff9d8ace30af8
28119464cf936ccce42bcf7bd8bfd50beef58fd90fdaf7d4ddda15126df3b3d9
297e0f30f226251ffb228a10a6b60b773fae836463e2d686b1df6b20f602b0cf
298ad344d4e35f8f3b08bff5f4a1238366715cef82cee3c3b8d808bd9de4c49a
29a6f3edd7781aa62ffe606e84c8dbd94f3f26d3323e3ccebd34df387685e344
2aae0904358c4366a7aa713d28587f3087a974b2a2cbb75be5aebf5853e7c984
2aafd53863b6ac95432cf92b35981bcccf56fac3630901fc5608c686ca01975c
2e13983382fe35bcbe41996389c027223cda8278e84e6882f00073bf75caf4a3
2ec886a92b7e11ba9d1c63b066968adaeaec60c97a061ddd6d85ef593f4f00e4
2fbe9e10f0eb649e6e2f51c0cfa510258e27fda43bafbbe79ac055e66f205509
301478844e69f723c541b2567d878823a025d1cc94f894e191cf5be20df03abc
306c0c52f205c37a95511b7e9471d504fbe32058807709ed4a48562d440006cc
31f84418cf06ce92e7f7d00c00977db0f8d150f3e866eedb0031b151a86a5e56
378f79bc8e52dc7c86332d048c8b8f57ad672c3c917ca54b08630bb487b99d3f
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
38d94cf197fc33297f7ddd2462569c82e31ec4606ff7930f06871ed41b625749
38e80a044364622ef78e49df09e8e20253ab6c154fc76d30fddc24260ebd2c12
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3c8ba982e1a7629cb5be1c6e7ac909bb494b895a63affce2f6306e5cd244505a
3d8cb361adc67d7a894bc80555aa16ba037d106ec1b5eaf67d377da336bcdc6a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ee060bed93c69b6f61e46a6eda98728facc7007d23b4e40b4d0c82e1aba8e8b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41ce2509fa9959868717986010e16b6334885fd46bc64d0d3c745a73ed3c41e4
423d7e01ba565c452608d49d728e3c5d8cc3e4fb64f4d3eaffaf6affb3876a79
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
459715b6e6c5589c7780a874b29729f0ba77c1ee1baf38832509fd5bd17551f1
46ee20dcee8f8b2a1219e480a3cd6187678909c67aa87eafcff71c272fe60525
4897e65a60b038373d42e5d898014107c456670929e2a1da682161e03ccc16e3
49f72af4368738fac9dfbbfd9351b919893fdc8248120d6b5a274e429a25090e
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4f18ca014cd18149a764c032ac5dff780737a6643d1de23bbee94c9c36df8e24
4fe1a07ee79876cf167db5ca49f0a6588c6a7ac3d6f963083f3e2366105e1845
5058203de32e3626f90c1f784b2a68fc00c32ab66616398b2e7d3029ed3462b5
508bb0ea10e79108ad1d7d9e49b5bb7a79482f9bf88377bebc5ff33bde4c5133
50e1ba679b1131a2a56d9478d56c7ce17d93a844799a83b0dfd3d0203fdc8b26
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55cbe47daae2e1d00bd3185c4dd5b23f43c658c3a072cdb369f4080523e222fd
55f1445bd860594cc315e2347cf2b25f66b4939c396afd0db5f3b2973ecc1da2
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57bc67b59ea976f848f4c67f6eb2b0a0f662a0eab1901a6c60a19dff541a1e13
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
5995a87d88a07890e330721eaf611d876b9644a916c71be217dbfc0b0bba8370
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d3ec333952c837f0b3305d9196e676bc7ecd4ed3d8045665b778602f31d5cb4
5d52e29407e6fefabadd79374fa4a0afe06d6a8e26f60f013d0502703caa6dcd
5db0a646608d4b9d7677306f991f9f3c68c206af130dcad053309ef4d5f87531
5eaf9dcbb71c48e1f5c30c31610f3f2eea90dba2dbf9d2fef6381ebca83cfc51
6100595bb8b7bcbd1032610b733cd1128a773077367ba007886337f01abb6b20
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
6267ba33e95f6defb5f1bf4d67470cb65f88127054df43a498c5426c437252a0
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
65b8988521f5923860f5044d459304fd678f97b907a7bfe9fb9068177b751c36
66dd3cf992fd4d316e0cec642850a59723c6aff7d7f146352bb229a0aed8142c
671e5939d376a46283e075a1d021e2207809da3bccf32388f41a7a6be247ab8b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6851edc0fca6eb99fa5fa083c37055fb96b62567bcd4730305e755e4cc0ab82a
68620403b734a79f6df98c544f2c400474b2f851a6346bc62c81d0aa84ce8440
6b9eb29c5f177ff881f515db7b2c873318b4143418b637b379e6105bf50b1054
6c31b1c28a5c2eb512c04004dc1f3961a4a4e72f1faeda9cc1f18f5718c486bc
6d3aab6e39ef96893870b5f58b0886cfecb74bc07c32679c97f5a0e9bffc2b52
70d485940cae278ad4d7e1f9af89161d9d222394719fcf237eadd256a1ce0058
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
72864f45951701ed5abeff31fff9660ccb7922e687aa201131c2327640146038
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
77b667d0b984ee4adf835d526806c9a06522431d5cc830fada82dabdfe36163a
79d90de29fa3778d7869eeeea23a0e5d2baf49e548b3bf44d1e8673ed44d86b7
7c441feecd4b048f63e62863fa1de42be63211483aea4088d094fb37683f11f9
7f29f0c0d79ab5709a70743ab3073111ecd500be2f62353503b6965524e543e4
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82d702e77d180a2c3061031d17ebdd4c64a5136f6e8eeef9aa81279240cc3957
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8348fe66b515449f719cb7b8278e1c84009bdaa96e18981641bc1e77d9e4cf1a
8406a39ecffe76d6c59aa7e43e3b3f0f98396cdadf1a29928ac6e7b693400870
845ee33c9bbfa837612164284a396dc93d990635aecbe3331128dd8561a5d892
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85319456d833877d3abd0898544fa2efaf5969b05497e1fb20f2c849d9e439d5
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
85976c05de46ce57ed5573e315c75d3377b11c946683a4ee81d6092a59032f34
8687ffc5bf64630ff87329d70d466cfb2d81802c3a11f10bb31517e3cef9b9aa
868ce6571a6cfac47ea934bd410ad71bfaf6152d856a806f7a617a94cbe8d8b6
88e7e1f4d9b83d2015b8628d92956bf0cb349ec61a1727c9a6bbb5dfd37b6a8a
8ad3b65563d99bb490e7ded742156c036b9de5f48efc5cf688de6e2e81146c3c
8c7d953f7b9414b800a3a4ffce521137061c29a3198c7cd9a063f061206d605a
8d2d5e5223c56f16313db54ea5b9c44978afd8982423e3cf88fa034677ea17ab
8e289976ace530c79a85b95aad1e6434afd5dc5417b35e2ec1a8d54214dd2760
8f77ec033c86324c47a1bf511d6f2e17fedb22b73bb42678f8d8607de6554b0a
91f1705e80b5dca2ab8f89c255cc64aa87a7742fc25564109137cf2c6a205eb3
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
926d1ab3abf48cf01377caf6adbed8c8a5e9dd1726e174c945af41137661404d
92cb34ab68b392664900ed421954c9a7d19e4abfb9120c2966a2513a732bc61f
9366360718b3875cf80cf5ee1c88df2b51af9add4e3aae9c23460f0bc08540d1
93b59db38ce853da5cf8b6f13c55330a8e353f496174077483cc38de8a8ccb75
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
96533d5156529a6949cd7d35d97488718d944682eab820e698240c11fd68383a
970a471f91ad8bc60848134b6630c76d5300caa1e88e6ebed454174022dec0af
973d937f69f428e851085e61e90eccfbb4ba39dab2ccdb303fcf08fa3fbd9dcc
97d0a95830a56dd5f50904c5b513897af86671bcc13d493994c3ac60ff5bb511
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98e43f03fa178ea670392d7a870b89f89ff7794e58ec7e380dff7b25435cd789
993d8adb5355f1f018b4b6eff0e082e1b0f8f30da9a2396b72645d5cbfb15bca
99bcc2561587e02e5d4e695c8ed352583a274df3f5e0eba509f6ce46c8a77c0f
99ec023e92bb79bd87284d69f5c61747b5ed657320c6488bdf3f89062413c7db
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9bb7c16cb296145abd4eb2379255f977abee25098990820b38ea15473a17f7ce
9c7829313d69008a18e36a9fe23647bb9b0380a05dae298446b2e31a5dd7904e
9eef6cfaefdd4ec58afa0580bb31685a377f331b1f7ff5ae3cbf81c0b494c3ec
a619d0f2106408e910f5a3414b8e989bdd48cc19ea80662889d346e99f93c3a2
a64bb21d450aacbee1e5ae72fdc4786267652f7f678739c1afb8e8814188ff14
a68d6c2c0caa12b714b991d6756de301a40459b3d4035426fe7cf87a10434db5
a86f7f4d43de59320e9a03b13aae318da52bc06cd27bc6c689498b9acede42a6
a8891b56bbab9e732b67abe356c6638b18ef9f050586acf4489536b0e840c6ef
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
a9bcdf2407e078af6286595ba9078fde2695d2d0d5e6c483a432fe9263fef78a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b03f40ec414c311cb314032b9d2b93585b730395d9388ed6130c0f03f7621eb0
b07dfb6bbc7bdae7c0d91f35a0f2a5d40e5c7d66341b78d477a212c5d8c46046
b0bc7aaac454e3a1847b40f762ac1ec96715d1e7f3d5ff43c43424b8453163e7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14b2ed75706366ac466a5e05b7cd5fb65ac4c0c2e128302ecc8878a5601b4b3
b4ccfefd002e8a40c5098e4f0d4327d5d55f7d8b6eb80cb52a5bbd190e772f33
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6857371393a211519cf66b7fe83b1b189a97ab6a1b2532b3ad9a1b37b4a4258
b7dbd67a716699b9050be0fcf74cd8421d2439439fd52b02e98771a9fe13162f
b882632c50e1e7165ce5aa20c6e3f870e18e96101c9af9f59174aa88bbd5d580
b94bf7f557da63975ec6378d765bbb820f5935911138db7e8308fe35c112820d
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bf1e690b97fd97ddea7a60ef92058c356b1987ea28d6d9c9b397012ab712a297
bfc6a422ff120aa9f97f799b541eef116a6b222cf13e1ea8574ca16a8fdd6c1e
c3356f0f5569f8ef558651670486b10b673b2bbce268a8f265812b3820ebad28
c3eff327e2b315bf259663d33da93d13ee34d465e85ef4a01ee19b2972adf630
c499af4bfdd452ab6dd9ccbad6e90b848a715d114aa4b54ec31131724ec96936
c4e2bdc1dd02b7b32e0e26895ecf6d798def301edb7ea3767e1efbfdebd66927
c5414a40bede412f26c1eae14945a1fafb896eaf1b712d78b5492645e7c43cf5
c5616ba10b6985a97fcf56a9b3cca7f01d770529844cedcd84c07a2d46468fa9
c5da8e3e0b730ebd639c028669a8c7f83c4c738d0a822cb17d0298aa76f1bd1d
c6fdfce82c380006c9aabd9bcfb7cf0df67a6e8217a1cce5621d21cadb6b0b31
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9b5e1e68169ba720b6669063b41e5b3d6211a9e85391fa9d64c9ea86b742fc8
ca02d2666d068383bc177fa134f2d47c97e84057b83064ca45b8d29c7c97035a
cb06b63b4733960de982c0899dc24359280719b9e8598c265d2c5a2ced1ba18f
cb0a90737ad62dc45fa55d46bcfa0f48ab03268e8bb65a3fcaf64ae9458b9f84
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
ce9c9d474cb5c18bba0ed6cda18c2fc3bf0dd6ad469787836f7515836716d716
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1616173d9515695df4688a4d8487478860ea0036019a07903a8c0128a263716
d2288c575a997b8e3c506f2d9d6ee20a12c9592d66a98404f58100369797c939
d3e6adbda65d2903f09a41c14896d338479636be883f23fd9c22cfdecdadcd26
d53e4d8d9996346bb5a2694af76d4140cc903483522f076fd46ac6fd691c3b0c
d61a8d3e6da67e46b816cf6641bbb3ad7b3ad3623b9fe268012f045d5d5c8281
d6fc381fc8274a8e05c221c15702c0c523d1937fc0719a1d4a9e95cc804c560f
d772756f7f30b155def5b4c539d7883b69134c27e64be72d6e2fd98b37718843
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
d8bef2caa83f2bb23c827fe587d647710fa80d23010e5ec1d05020b1cf9588bd
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
db6fa13cbab91516913fbcc921f76bd67b4792d6cf4ffd846ba8aa18ad572059
dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a
de1effd04ca1a784ced631d1eaeac3340ef9735f00a2cbdaf745aa2d16c4a4b4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
dec66aad114813b197bee33870310cbe37e7c038431e18c343374d6f87e9fcef
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e0c3628456b4bde2b6911e0591c73bf4c7758c54f59d0317e1a0dc3242b099fc
e1e04b876d769e39d9b54e88e20e60a1258ec858473a8f216c76ce19daba9ebc
e2343f4551ca5d13d4ee7db9f98c8b87d888bbb7e5a797607d7f7d8780807f35
e2741f71d3f6d0a27b68257f6426a49df3dcf4e08f9eeacbfb152f4880b47373
e293e07ecd178236c8b7e9952c3f202c9ad2ea780f9ab00b5378bc5f4baac5b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b435b190ec472810853b7a339bb9892e5ae8114809be699c421282e67e795d
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ec89ccaac2e1a198b9e8f198457116a0a5c57329bdb108af520bc8d4ff08704e
edf145729e4ab6a85d82f6b4a44ae5e28c6812924f9921a9c9c6a7c90a5db7e6
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0aa4e3e02a934c359d23c9165b4dcf284c743d057cfb7788378a15465ad7de4
f1fddf504afc9da5c3a0666f4542257a8d57725cb5c8784a6a26fb47f8c4d8c4
f4f6adfb5ea3d9502595163ad4b4d3d57fb796477f2e23d1980687f3abad5f38
f6bcfaf5eadae0d1a950233a53197815f9f93a3f04201a54d689a9a6eb58bf94
f7dcdc6e0616a78036b0b985b427493e75ea98ebbf081831224cdfa96e463e9b
f85e538e44687fc0feaa2f66a67831ec9f9b03446f115dec74b996da4a0a4a52
f889ab9b9138135d594a5da3ad215533462f6007ef0c8ce4c1ac6f9f0e5c4885
fa596e723e0e82a47f0e332b2dc334eeffc67730ce9098cad1dcf218c18893c2
fb37cf279b4443d7eecd55ec8b04b0007748f2b1754b15e9d7b160a18ccebb3e
fb837706d47762f352e246767f1bd81720853f4900c124c01e5efe326d223025
fd3324b939db83e4783489b6a1511d1a8a77b6f5f49825557d2a3c79bbbf38fb
fd402a1bc74812413ab3e4c4e477de426081dd4b7f9836863ae6e360489869dd
fd4dd4e5892b33b487c3a8b06ed9a74dd52baab48d93a1ece81eeca249f86708
fd500dc338e9ea802f0122e9b5586953327acb1a431dacc95010011e55e935de
fd8e6d26ae464a400f3c77955c4d426cec2d159f514c30ff72f9155f6e606a15
fdcc781063be4b81b5af6c68e2b04a37c5ee54564bed9662b0548979d8685690
fe542370a4b56923b092842c75262bcbfed6aedaa6c22d32aa7d3dc9696c2ead
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

www.insauga.com Open in urlscan Pro 2606:4700:20::681a:a5c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

421 Requests

97 %HTTPS

49 %IPv6

44 Domains

74 Subdomains

67 IPs

6 Countries

18676 kBTransfer

49489 kBSize

14 Cookies

10 Outgoing links

Redirected requests

421 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.insauga.com Open in urlscan Pro
2606:4700:20::681a:a5c Public Scan

Screenshot
Live screenshot

Full Image

421
Requests

97 %
HTTPS

49 %
IPv6

44
Domains

74
Subdomains

67
IPs

6
Countries

18676 kB
Transfer

49489 kB
Size

14
Cookies

421 HTTP transactions
13 data transactions