urlscan.io logo urlscan.io
SecurityTrails logo

heavy.com Open in urlscan Pro
192.0.66.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://heavy.com/
Effective URL: https://heavy.com/
Submission: On March 15 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 13 domains to perform 53 HTTP transactions. The main IP is 192.0.66.32, located in United States and belongs to AUTOMATTIC, US. The main domain is heavy.com.
TLS certificate: Issued by Network Solutions OV Server CA 2 on December 22nd 2020. Valid for: a year.
This is the only time heavy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    192.0.66.32 (United States)

ASN2635 (AUTOMATTIC, US)
heavy.com
2    2a04:4e42::621 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
1    13.226.159.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-69.dus51.r.cloudfront.net
certify-js.alexametrics.com
3    23.37.53.17 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    13.226.159.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-21.dus51.r.cloudfront.net
certify.alexametrics.com
3    13.226.159.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-124.dus51.r.cloudfront.net
ads.adthrive.com
3    2600:9000:206f:3000:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr-wrapper.privacymanager.io
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2600:9000:2182:4200:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr.privacymanager.io
14    2600:9000:206f:d000:a:b6fc:9800:93a1 (United States)

ASN16509 (AMAZON-02, US)
gdpr-consent-tool.privacymanager.io
2    13.226.159.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-52.dus51.r.cloudfront.net
logger.adthrive.com
Domain Requested by
14 gdpr-consent-tool.privacymanager.io gdpr.privacymanager.io
gdpr-consent-tool.privacymanager.io
13 heavy.com 1 redirects heavy.com
3 gdpr-wrapper.privacymanager.io ads.adthrive.com
gdpr.privacymanager.io
3 ads.adthrive.com heavy.com
ads.adthrive.com
3 sb.scorecardresearch.com 1 redirects heavy.com
2 logger.adthrive.com ads.adthrive.com
2 gdpr.privacymanager.io gdpr-wrapper.privacymanager.io
2 securepubads.g.doubleclick.net ads.adthrive.com
securepubads.g.doubleclick.net
2 www.google-analytics.com heavy.com
www.google-analytics.com
2 polyfill.io heavy.com
1 unpkg.com ads.adthrive.com
1 certify.alexametrics.com
1 certify-js.alexametrics.com heavy.com
1 cdn.onesignal.com heavy.com
1 www.google.de
1 www.google.com
1 pixel.wp.com heavy.com
1 stats.g.doubleclick.net www.google-analytics.com
1 stats.wp.com heavy.com
53 19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
flipboard.com
api.whatsapp.com
facebook.com
twitter.com
wpvip.com
Subject Issuer Validity Valid
*.heavy.com
Network Solutions OV Server CA 2		 2020-12-22 -
2022-01-22		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-09 -
2021-04-17		 a month crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
certify-js.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1		 2020-07-17 -
2021-06-02		 a year crt.sh
certify.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
*.adthrive.com
Amazon		 2020-08-02 -
2021-09-02		 a year crt.sh
*.privacymanager.io
Amazon		 2020-10-24 -
2021-11-23		 a year crt.sh

This page contains 2 frames:

Primary Page: https://heavy.com/
Frame ID: 0B9CB28C1EA9BB6EBA0475DDF3EC33F6
Requests: 39 HTTP requests in this frame

Frame: https://gdpr-consent-tool.privacymanager.io/1/index.html
Frame ID: 40D5C4D1327C1D149E06195796629557
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://heavy.com/ HTTP 301
    https://heavy.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

53
Requests

100 %
HTTPS

56 %
IPv6

13
Domains

19
Subdomains

19
IPs

3
Countries

1178 kB
Transfer

3381 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heavy.com/ HTTP 301
    https://heavy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&ns__t=1615830944807&ns_c=UTF-8&cv=3.5&c8=Heavy.com%20%7C%20Breaking%20News%2C%20Sports%2C%20Entertainment%20%26%20Shopping&c7=https%3A%2F%2Fheavy.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&ns__t=1615830944807&ns_c=UTF-8&cv=3.5&c8=Heavy.com%20%7C%20Breaking%20News%2C%20Sports%2C%20Entertainment%20%26%20Shopping&c7=https%3A%2F%2Fheavy.com%2F&c9=&cs_ak_ss=1

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heavy.com/
Redirect Chain
  • http://heavy.com/
  • https://heavy.com/
201 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
2c593fabdaf3d741819c74708f71dd112cda8777a48bacacb57c4783e2233594

Request headers

:method
GET
:authority
heavy.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Mon, 15 Mar 2021 17:55:41 GMT
content-type
text/html; charset=UTF-8
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://heavy.com/wp-json/>; rel="https://api.w.org/"
content-encoding
gzip
x-rq
ams5 101 97 3163
cache-control
max-age=300, must-revalidate
age
0
x-cache
miss
vary
Accept-Encoding
accept-ranges
bytes

Redirect headers

Server
nginx
Date
Mon, 15 Mar 2021 17:55:41 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://heavy.com/
polyfill.min.js
polyfill.io/v3/ 		72 B
565 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=default%2CArray.prototype.find%2CIntersectionObserver%2CIntersectionObserverEntry%2CPromise%2Cfetch%2CElement.prototype.closest
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1153416
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Mon, 01 Mar 2021 19:22:10 GMT
date
Mon, 15 Mar 2021 17:55:41 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
iolazy.min.js
heavy.com/wp-content/themes/heavy/assets/dist/vendor/iolazy/ 		2 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/iolazy/iolazy.min.js?ver=1614701573
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d6892f653cf61cfb84678d798fd47b833a6e9e097c1fa431e571e2812515dfd6

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:41 GMT
content-encoding
gzip
x-rq
ams5 101 23 3187
last-modified
Tue, 02 Mar 2021 13:50:27 GMT
server
nginx
age
1129239
etag
W/"603e42a3-6e9"
vary
Accept-Encoding
x-cache
hit
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
748
expires
Tue, 15 Mar 2022 17:55:41 GMT
main.js
heavy.com/wp-content/themes/heavy/assets/dist/js/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/js/main.js?ver=1615218846
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b407c3fc8744eb94790f1e6944de62e8f6cc2cef4eaebd84287018300c51a14a

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:41 GMT
content-encoding
gzip
x-rq
ams5 101 97 3163
last-modified
Mon, 08 Mar 2021 15:54:06 GMT
server
nginx
age
612068
etag
W/"6046489e-833d"
vary
Accept-Encoding
x-cache
hit
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9308
expires
Tue, 15 Mar 2022 17:55:41 GMT
print.css
heavy.com/wp-content/themes/heavy/assets/dist/css/ 		699 B
491 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/css/print.css?ver=1614701573
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b925b10658e33e914afb403288724c44a82441e1bba11b3112c9e4e560dfe378

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:41 GMT
content-encoding
gzip
x-rq
ams5 103 40 3196
last-modified
Fri, 18 Dec 2020 10:21:11 GMT
server
nginx
age
1129238
etag
W/"5fdc8297-2bb"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
381
expires
Tue, 15 Mar 2022 17:55:41 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
1636
date
Mon, 15 Mar 2021 17:28:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Mon, 15 Mar 2021 19:28:25 GMT
polyfill.min.js
polyfill.io/v3/ 		72 B
116 B 		Other
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=default%2CArray.prototype.find%2CIntersectionObserver%2CIntersectionObserverEntry%2CPromise%2Cfetch%2CElement.prototype.closest
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1153416
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Mon, 01 Mar 2021 19:22:10 GMT
date
Mon, 15 Mar 2021 17:55:41 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
truncated
/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8769e85d6758bb6a8c28e82e3f8a4ef674c4c8e1e59ed1de97c9b724afd887fc

Request headers

Origin
https://heavy.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe99480f280789531ba6a948a72f6d88d946ce92e5b5b08b279bbb2c7cd08a3f

Request headers

Origin
https://heavy.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
collect
www.google-analytics.com/j/ 		4 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=113377592&t=pageview&_s=1&dl=https%3A%2F%2Fheavy.com%2F&ul=en-us&de=UTF-8&dt=Heavy.com%20%7C%20Breaking%20News%2C%20Sports%2C%20Entertainment%20%26%20Shopping&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1370089164&gjid=841025482&cid=668397309.1615830942&tid=UA-1995064-1&_gid=1024800382.1615830942&_r=1&_slc=1&z=1488031221
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Mar 2021 17:55:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heavy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga.min.js
heavy.com/wp-content/themes/heavy/plugins/google-analytics/ 		889 B
509 B 		Script
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/plugins/google-analytics/ga.min.js?ver=1614701573
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
83edd49c75612c0bbbf5565072adde4e188adf5d1005ca57ed9582cdd6e445f8

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:41 GMT
content-encoding
gzip
x-rq
ams5 103 40 3196
last-modified
Fri, 18 Dec 2020 10:21:11 GMT
server
nginx
age
1129238
etag
W/"5fdc8297-379"
vary
Accept-Encoding
x-cache
hit
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
449
expires
Tue, 15 Mar 2022 17:55:41 GMT
e-202111.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202111.js
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT ams
date
Mon, 15 Mar 2021 17:55:41 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 05 Mar 2022 02:41:49 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-1995064-1&cid=668397309.1615830942&jid=1370089164&gjid=841025482&_gid=1024800382.1615830942&_u=IEBAAEAAAAAAAC~&z=11796166
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 15 Mar 2021 17:55:41 GMT
content-type
text/plain
access-control-allow-origin
https://heavy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.5.1&blog=176147951&post=0&tz=-4&srv=heavy.com&host=heavy.com&ref=&fcp=597&rand=0.5696839765753663
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:41 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
ga-audiences
www.google.com/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-1995064-1&cid=668397309.1615830942&jid=1370089164&_u=IEBAAEAAAAAAAC~&z=4459366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Mar 2021 17:55:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-1995064-1&cid=668397309.1615830942&jid=1370089164&_u=IEBAAEAAAAAAAC~&z=4459366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Mar 2021 17:55:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: heavy.com
URL: https://heavy.com/wp-content/themes/heavy/assets/dist/js/main.js?ver=1615218846
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:41 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
1689
etag
W/"29e3b92597e716694def18b1f85abbfb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
63079d3a1f571f55-FRA
cf-request-id
08d8a0984e00001f55a69ad000000001
expires
Thu, 18 Mar 2021 17:55:41 GMT
heavy-samesite-cookie-widget.js
heavy.com/wp-content/themes/heavy/plugins/heavy-samesite-cookie-widget/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/plugins/heavy-samesite-cookie-widget/js/heavy-samesite-cookie-widget.js
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5293b05c3ff1365790debd62d063842f883107d47dfbda18eb4a3a2d9bb52e6a

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:44 GMT
content-encoding
gzip
x-rq
ams5 101 21 3100
last-modified
Thu, 17 Sep 2020 16:40:24 GMT
server
nginx
age
10538371
etag
W/"5f639178-1190"
vary
Accept-Encoding
x-cache
hit
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1424
expires
Tue, 15 Mar 2022 17:55:44 GMT
atrk.js
certify-js.alexametrics.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-69.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 29 Sep 2020 00:34:48 GMT
Via
1.1 dfeaf865724e57eaac72220929416926.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Sat, 16 Mar 2019 16:01:33 GMT
Server
AmazonS3
Age
14491257
ETag
"96c08723796affab377d9bb08d631cd0"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Cache-Control
max-age=26920000
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
4264
X-Amz-Cf-Id
YySUZjvbOJ7Bdv3tOBehewimgiJNK9zq4-9V7NfbUC1ygjUoji2ClA==
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-53-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Mar 2021 17:55:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 16 Mar 2021 17:55:44 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&ns__t=1615830944807&ns_c=UTF-8&cv=3.5&c8=Heavy.com%20%7C%20Breaking%20News%2C%20Sports%2C%20Entertainment%20%26%20Shopping&c7=https%3A%2F%2Fheavy...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&ns__t=1615830944807&ns_c=UTF-8&cv=3.5&c8=Heavy.com%20%7C%20Breaking%20News%2C%20Sports%2C%20Entertainment%20%26%20Shopping&c7=https%3A%2F%2Fheav...
0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&ns__t=1615830944807&ns_c=UTF-8&cv=3.5&c8=Heavy.com%20%7C%20Breaking%20News%2C%20Sports%2C%20Entertainment%20%26%20Shopping&c7=https%3A%2F%2Fheavy.com%2F&c9=&cs_ak_ss=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.53.17 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-53-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Mar 2021 17:55:44 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&ns__t=1615830944807&ns_c=UTF-8&cv=3.5&c8=Heavy.com%20%7C%20Breaking%20News%2C%20Sports%2C%20Entertainment%20%26%20Shopping&c7=https%3A%2F%2Fheavy.com%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Mon, 15 Mar 2021 17:55:44 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Heavy.com%20%7C%20Breaking%20News%2C%20Sports%2C%20Entertainment%20%26%20Shopping&time=1615830944809&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fheavy.com%2F&random_number=20062300169&sess_cookie=b778fccc17837078c28896e81bf&sess_cookie_flag=1&user_cookie=b778fccc17837078c28896e81bf&user_cookie_flag=1&dynamic=true&domain=heavy.com&account=lfktn1QolK10vg&jsv=20130128&user_lang=en-US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-21.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Mar 2021 04:11:03 GMT
Via
1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
49481
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
DUS51-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
HmFLT8ZaF85CGhYs_puWyy-p8RliJvhFUCx5Lg2bAZychFRtT5d5ew==
ads.min.js
ads.adthrive.com/sites/5ad7479721520f50ab7da88e/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5ad7479721520f50ab7da88e/ads.min.js?threshold=91
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-124.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
c5faf44f76f1c8549ae2bc170252d2b94aa1f57a34c59d8123c71fb0469d264d

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

adthrive-bucket
gold4:con
date
Sun, 14 Mar 2021 22:05:37 GMT
content-encoding
gzip
adthrive-deployment
ad-808:pr1510:gold4:548b432:con
age
71408
adthrive-commit
4a2b9a3
x-cache
Hit from cloudfront
content-length
3445
adthrive-pathname
server
CloudFront
vary
Accept-Encoding,Referer
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
cache-control
max-age=3600, s-maxage=86400
x-amz-cf-pop
DUS51-C1
access-control-allow-origin
*
x-amz-cf-id
Z0hwj4C6_obbpIfvN3nIrEl3tnv-P2weDTLoRF5KN7SgbIsloBHuQw==
adthrive-hostname
heavy.com
adthrive.min.js
ads.adthrive.com/builds/core/4a2b9a3/js/ 		343 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/4a2b9a3/js/adthrive.min.js?threshold=0
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ad7479721520f50ab7da88e/ads.min.js?threshold=91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-124.dus51.r.cloudfront.net
Software
CloudFront /
Resource Hash
a8b87f264c9a62116462a03bf9ad802b00b10e091f40e3131af1a290780f98d1

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Mar 2021 20:14:10 GMT
content-encoding
gzip
server
CloudFront
age
78095
etag
"b247fd30482fa1f95aa04dc42834d983"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
cache-control
max-age=3600, s-maxage=86400
x-amz-cf-pop
DUS51-C1
content-length
80776
x-amz-cf-id
6DLEFcqYo3f64dSR9QAagyik7hHmPYij2FFhm_cvM7yy8Lx_G4Xjbw==
gdpr-liveramp.js
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ 		401 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/gdpr-liveramp.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/4a2b9a3/js/adthrive.min.js?threshold=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b76dc912a6dfd69ae360eee56f94630c2e5accd215853d5b0675566b0fc2ad1c

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 15 Mar 2021 17:11:27 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 14:45:12 GMT
server
AmazonS3
age
2659
etag
W/"c621a253bbf9e3c26661da9698fe2a62"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
OjZI8RX_4hhUm1X519dqBu15KzqCOAZd
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
content-disposition
attachment; filename="gdpr-liveramp.js"
x-amz-cf-pop
FRA56-C1
content-type
text/javascript
x-amz-cf-id
Xzhry59Irx-ksOI2g33wMwg4eW__1tHRXjg7ZizD7x0gcawz1Hp0tQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/4a2b9a3/js/adthrive.min.js?threshold=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
e1ebc79e2fc88e3ecc52cf02083666e467c05a7d2ce372b92f2077f816f26af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"812 / 562 of 1000 / last-modified: 1615806790"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19737
x-xss-protection
0
expires
Mon, 15 Mar 2021 17:55:45 GMT
prebid.min.js
ads.adthrive.com/builds/core/4a2b9a3/gdpr/vendor/prebid/ 		376 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/4a2b9a3/gdpr/vendor/prebid/prebid.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/4a2b9a3/js/adthrive.min.js?threshold=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-124.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f4ca48834cdff36234cb6d6ed793c84f21594235a3e7853b5d904a2890bbf2b

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qHqC8bqUKvUQG5.dMQ3tctdZNVoEbzpR
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 18:23:08 GMT
server
AmazonS3
age
2498
etag
W/"982d6feb4f2803741d13e4c53c6ff461"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 15 Mar 2021 17:14:08 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
uj_HxFpDsBW1rxfthT_gj7wet31bIITYq2VehGZ3M4rCuBvhpuP_wQ==
web-vitals.es5.umd.min.js
unpkg.com/web-vitals@0.2.4/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@0.2.4/dist/web-vitals.es5.umd.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/4a2b9a3/js/adthrive.min.js?threshold=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7759e54f5a6c7c7fb2bbfe960a8987e05a205022750a3da5829f777509c6966d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6875890
vary
Accept-Encoding
cf-request-id
08d8a0a69e0000dfc32632c000000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"dc4-zHMtd6MY6uJBl7Yg/m0ZngsgUrM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
8a17bf0066809ae9d9cb54e3c27c67d1
cache-control
public, max-age=31536000
cf-ray
63079d50f81cdfc3-FRA
gdpr.bundle.js
gdpr.privacymanager.io/1/ 		174 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr.privacymanager.io/1/gdpr.bundle.js
Requested by
Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/gdpr-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:4200:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9320506172fa70da0a413c0826c1973fe60a3bb2076617c3c0459f0b45daf255

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
AF4gVHORNtJ4QwyIw2RTBhME7rkeMLAo
content-encoding
gzip
etag
W/"936f1db70b2b363cfb3b1b97c1c61a2c"
last-modified
Tue, 09 Mar 2021 22:31:07 GMT
server
AmazonS3
age
1440
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
date
Mon, 15 Mar 2021 17:31:46 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
6G1d3sey3Uueejl0cnrSv7b8qnUb5dHh9ACpQNKQAqZBb21QVS5Vqw==
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
Protocol
H2
Server
2600:9000:206f:3000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://heavy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
date
Mon, 15 Mar 2021 17:11:27 GMT
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-allow-headers
content-type
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
nZvnXbegLE2bWEqj4781qjTUmyTkTOx6L2lAQFSr3wPFSe1cT1PpYw==
age
2659
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ 		60 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/1/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2a2f3eb012e6c1a8652a3de2fe7b6de26afaa2d723f9cda3459421f490e70c2

Request headers

Accept
application/json
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 15 Mar 2021 17:11:27 GMT
content-encoding
gzip
age
2659
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 15 Mar 2021 17:05:57 GMT
server
AmazonS3
etag
W/"1200335cfb7b0fd6cb44a4749b8baa8f"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
wcvVROx4u.ZnL2onoVgViCzd9cFd0Ps6
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-pop
FRA56-C1
content-type
application/json
x-amz-cf-id
Wt_yGvvCKW5unMnrvb4G1D9OpPd9KTXeVR5_N52SfhsnzJ1fVb6ITQ==
pubads_impl_2021031001.js
securepubads.g.doubleclick.net/gpt/ 		284 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 09:39:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102356
x-xss-protection
0
expires
Mon, 15 Mar 2021 17:55:45 GMT
index.html
gdpr-consent-tool.privacymanager.io/1/ Frame 40D5 		942 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/index.html
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/1/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d000:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5af9c3e8cb86cc5da1d61d1830fd282e957b934ad695e7ade6bb6ed7ea2af375

Request headers

:method
GET
:authority
gdpr-consent-tool.privacymanager.io
:scheme
https
:path
/1/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://heavy.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://heavy.com/

Response headers

content-type
text/html
content-length
942
last-modified
Tue, 09 Mar 2021 22:30:04 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
58FXUUps8PwjhsUwGIlB55mQSrH2Rm06
accept-ranges
bytes
server
AmazonS3
date
Mon, 15 Mar 2021 17:30:20 GMT
cache-control
must-revalidate,public,max-age=3600
etag
"c86d6685162db5e6df1129bb8301beb7"
x-cache
Hit from cloudfront
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
jIbKNKExxLIHsUVTsLXyCThwcp51kyg3iperPHLVkhaG9k3lK60zbg==
age
1526
styles.css
gdpr-consent-tool.privacymanager.io/1/ Frame 40D5 		93 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/styles.css
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d000:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e498820367fc2c927b499ef4475c0d4a51b3da8b5a88b4ef5fc94509c4732319

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
tixryubusluKae25dxsbDDh_mX.679Bd
content-encoding
gzip
etag
W/"861f2ccc25c0883c2c8c97d7d85aa2bf"
last-modified
Tue, 09 Mar 2021 22:29:56 GMT
server
AmazonS3
age
1526
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
date
Mon, 15 Mar 2021 17:30:19 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
KBOjIRSpgYeGwcbzRhoXzd04hnlY8eXyODIR-vGSU7oObSwMjHFpyQ==
openSans.css
gdpr-consent-tool.privacymanager.io/1/ Frame 40D5 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/openSans.css
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d000:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b3e0b7b581a0e98cebcb81e65e84401ecdfea4a4b8119e7372888876359ca19

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ZZ2M0JF8JxwWBK5WDfWhPgIwdYl4v2RD
content-encoding
gzip
etag
W/"3c017e05b41fc21ffbb6c32d97e87bad"
last-modified
Tue, 09 Mar 2021 22:30:09 GMT
server
AmazonS3
age
1525
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
date
Mon, 15 Mar 2021 17:30:21 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
t2k6APQDfFEhMqQ-JwK7KdW76RjNLbM9KHqjnpO06d-q5c3niM4xxQ==
runtime.js
gdpr-consent-tool.privacymanager.io/1/ Frame 40D5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/runtime.js
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d000:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
250a0280938365d9f83769f776b3834a605a6560ca3df785029ba97b6ddd5c4e

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.PJCcMX4whZhWZuCLENwIwkM1vK9Aq6W
content-encoding
gzip
etag
W/"5fe48064a68c5e51f208fb444eb5a84a"
last-modified
Tue, 09 Mar 2021 22:30:16 GMT
server
AmazonS3
age
1526
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
date
Mon, 15 Mar 2021 17:30:20 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
gv8xGG5r9TOjwBoaAl7BoICivrizg8MOLq_ptiMUoiunY0bkBzfHcA==
polyfills.js
gdpr-consent-tool.privacymanager.io/1/ Frame 40D5 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/polyfills.js
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d000:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d04569b315ddc299433fb15ea3b68ddf6f10cc3ff1ec6e36c4154e9a5b78d7f1

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
BF0pCfnquor10zU49BlcM2hd5ycRZzpI
content-encoding
gzip
etag
W/"775a8828f28b4bd527842dc3cd4e1efe"
last-modified
Tue, 09 Mar 2021 22:29:51 GMT
server
AmazonS3
age
1526
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
date
Mon, 15 Mar 2021 17:30:20 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
uovEFSBQ92nJlnICtArqItP00tYtFw_ojw2zyX_ZJfxASY1XzaWAIw==
vendor.js
gdpr-consent-tool.privacymanager.io/1/ Frame 40D5 		774 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/vendor.js
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d000:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c80c206610c532f6b946da5b1bc16288f54bf028b0b6e2e98e90a59422ea6c28

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ByVIPZr9vjPb9b.WYNDJp2JN5zWDH9vU
content-encoding
gzip
etag
W/"23569464eebc687896e6029f4d10e1c3"
last-modified
Tue, 09 Mar 2021 22:30:13 GMT
server
AmazonS3
age
1526
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
date
Mon, 15 Mar 2021 17:30:20 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
FhwLbzp8z_kl4kws9-ERznfJNTMYpYqpHKwBkL3n39z9zTDGBTGyQA==
main.js
gdpr-consent-tool.privacymanager.io/1/ Frame 40D5 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/main.js
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d000:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51623dd3fe015b68f99eb2eaf0484a1f5c6d478601b422b0b9f68605cc36b60c

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jcvEHdRYnM0.KNkoC7S.TqfMU1EnrpyR
content-encoding
gzip
etag
W/"d835a8c38e7a9204af35af6d886309dc"
last-modified
Tue, 09 Mar 2021 22:30:11 GMT
server
AmazonS3
age
1526
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
date
Mon, 15 Mar 2021 17:30:20 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
NLqN169LXO9XJsQuOklbEqAEafrAKgOqcHJMMCY-n48-W4eRsNvYkQ==
open-sans-v18-regular.woff2
gdpr-consent-tool.privacymanager.io/1/ Frame 40D5 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/open-sans-v18-regular.woff2
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d000:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e3b1d34ac67763ab50652da19305d4b3694c6b6e6bf35f4b98411ce4af646d2

Request headers

Origin
https://gdpr-consent-tool.privacymanager.io
Referer
https://gdpr-consent-tool.privacymanager.io/1/openSans.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
S1lUjwYUdwzzSzw77opgWmVoMDGKUMLy
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
etag
"a9557eb451f17dcd8e687327ea9383a0"
last-modified
Tue, 09 Mar 2021 22:30:05 GMT
server
AmazonS3
age
1265
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
must-revalidate,public,max-age=3600
date
Mon, 15 Mar 2021 17:34:41 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
43236
x-amz-cf-id
jShtnN9dhEwh6-RKk7HN7kL-pK8sXa6OXKAV0AdzsJOsuGFe3C8b6g==
error
logger.adthrive.com/ 		21 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/error?siteId=5ad7479721520f50ab7da88e&siteName=Heavy&bucket=gold4%3Acon&branch=4a2b9a3&deployment=ad-808%3Apr1510%3Agold4%3A548b432%3Acon&message=AdThrive%3A%3Ainit&pageurl=https%3A%2F%2Fheavy.com%2F&body=%5B%7B%22name%22%3A%22TypeError%22%2C%22message%22%3A%22Cannot%20read%20property%20%27getItem%27%20of%20null%22%2C%22stack%22%3A%22TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null%5Cn%20%20%20%20at%20https%3A%2F%2Fheavy.com%2F%3A70%3A32%5Cn%20%20%20%20at%20e._call%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A213913)%5Cn%20%20%20%20at%20e.init%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A213663)%5Cn%20%20%20%20at%20e.%3Canonymous%3E%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A336439)%5Cn%20%20%20%20at%20https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A2298%5Cn%20%20%20%20at%20Object.next%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A2403)%5Cn%20%20%20%20at%20https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A1340%5Cn%20%20%20%20at%20new%20Promise%20(%3Canonymous%3E)%5Cn%20%20%20%20at%20a%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A1114)%5Cn%20%20%20%20at%20e.init%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A336110)%22%7D%2C%7B%22abgroup%22%3A%7B%22deftimer%22%3A%225000%22%2C%22amzn%22%3A%22on%22%2C%22ebho%22%3A%22triplelift_ebda%22%2C%22loglevel%22%3A%22off%22%2C%22idho%22%3A%22off%22%2C%22lzhb%22%3A%22on%22%2C%22lzcvp%22%3A%221%22%2C%22lzbpvp%22%3A%220.125%22%2C%22pbs2s_appnexus%22%3A%22off%22%2C%22pbs2s_districtm%22%3A%22on%22%2C%22pbs2s_grid%22%3A%22on%22%2C%22pbs2s_gumgum%22%3A%22off%22%2C%22pbs2s_sovrn%22%3A%22on%22%2C%22roxot%22%3A%22off%22%2C%22to_initial%22%3A%222000%22%2C%22vebho%22%3A%22off%22%2C%22bnr_unruly%22%3A%22off%22%2C%22bnr_districtm%22%3A%22on%22%2C%22bnr_gumgum%22%3A%22on%22%2C%22bnr_padsquad%22%3A%22off%22%2C%22bnr_undertone%22%3A%22on%22%2C%22bnr_33across%22%3A%22on%22%2C%22cbt%22%3A%224s%22%2C%22vast_to%22%3A%225s%22%2C%22maxre%22%3A%228%22%2C%22proto%22%3A%22allr%22%2C%22pbm%22%3A%22off%22%2C%22reqTo%22%3A%2215%22%2C%22vpos%22%3A%221%22%2C%22skip%22%3A%22ns%22%2C%22sab%22%3A%22on%22%2C%22jwb%22%3A%22on%22%2C%22pbmdr%22%3A%22both%22%2C%22rp_anadp%22%3A%22off%22%2C%22lzflrcontent%22%3A%22off%22%2C%22sessflrs%22%3A%22off%22%2C%22ats%22%3A%22on%22%2C%22rebuildslot%22%3A%22on%22%7D%2C%22sess%22%3A%2201F0VGF3X47YJP470BDHZ7YXZA%22%2C%22pvk%22%3A%2201F0VGF3X4W6EQ8QGWYM9YCESJ%22%2C%22hbho%22%3A%5B%2233across%22%2C%22openx%22%2C%22sovrn%22%5D%2C%22vbho%22%3A%5B%5D%7D%5D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/4a2b9a3/js/adthrive.min.js?threshold=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-52.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:47 GMT
via
1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
last-modified
Thu, 12 Nov 2020 16:17:57 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"711ef07ada64abbd94e9099392aa8d74"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
21
x-amz-cf-id
rX0DPS5ighJS9cB7W4uW2Ebn5KB99oHdsngBhF2kFJ3pOLRi3QMxBQ==
error
logger.adthrive.com/ 		21 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/error?siteId=5ad7479721520f50ab7da88e&siteName=Heavy&bucket=gold4%3Acon&branch=4a2b9a3&deployment=ad-808%3Apr1510%3Agold4%3A548b432%3Acon&message=index%3A%3Aload&pageurl=https%3A%2F%2Fheavy.com%2F&body=%5B%7B%22name%22%3A%22TypeError%22%2C%22message%22%3A%22Cannot%20read%20property%20%27getItem%27%20of%20null%22%2C%22stack%22%3A%22TypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null%5Cn%20%20%20%20at%20https%3A%2F%2Fheavy.com%2F%3A70%3A32%5Cn%20%20%20%20at%20e._call%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A213913)%5Cn%20%20%20%20at%20e.init%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A213663)%5Cn%20%20%20%20at%20e.%3Canonymous%3E%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A336439)%5Cn%20%20%20%20at%20https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A2298%5Cn%20%20%20%20at%20Object.next%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A2403)%5Cn%20%20%20%20at%20https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A1340%5Cn%20%20%20%20at%20new%20Promise%20(%3Canonymous%3E)%5Cn%20%20%20%20at%20a%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A1114)%5Cn%20%20%20%20at%20e.init%20(https%3A%2F%2Fads.adthrive.com%2Fbuilds%2Fcore%2F4a2b9a3%2Fjs%2Fadthrive.min.js%3Fthreshold%3D0%3A17%3A336110)%22%7D%2C%7B%22abgroup%22%3A%7B%22deftimer%22%3A%225000%22%2C%22amzn%22%3A%22on%22%2C%22ebho%22%3A%22triplelift_ebda%22%2C%22loglevel%22%3A%22off%22%2C%22idho%22%3A%22off%22%2C%22lzhb%22%3A%22on%22%2C%22lzcvp%22%3A%221%22%2C%22lzbpvp%22%3A%220.125%22%2C%22pbs2s_appnexus%22%3A%22off%22%2C%22pbs2s_districtm%22%3A%22on%22%2C%22pbs2s_grid%22%3A%22on%22%2C%22pbs2s_gumgum%22%3A%22off%22%2C%22pbs2s_sovrn%22%3A%22on%22%2C%22roxot%22%3A%22off%22%2C%22to_initial%22%3A%222000%22%2C%22vebho%22%3A%22off%22%2C%22bnr_unruly%22%3A%22off%22%2C%22bnr_districtm%22%3A%22on%22%2C%22bnr_gumgum%22%3A%22on%22%2C%22bnr_padsquad%22%3A%22off%22%2C%22bnr_undertone%22%3A%22on%22%2C%22bnr_33across%22%3A%22on%22%2C%22cbt%22%3A%224s%22%2C%22vast_to%22%3A%225s%22%2C%22maxre%22%3A%228%22%2C%22proto%22%3A%22allr%22%2C%22pbm%22%3A%22off%22%2C%22reqTo%22%3A%2215%22%2C%22vpos%22%3A%221%22%2C%22skip%22%3A%22ns%22%2C%22sab%22%3A%22on%22%2C%22jwb%22%3A%22on%22%2C%22pbmdr%22%3A%22both%22%2C%22rp_anadp%22%3A%22off%22%2C%22lzflrcontent%22%3A%22off%22%2C%22sessflrs%22%3A%22off%22%2C%22ats%22%3A%22on%22%2C%22rebuildslot%22%3A%22on%22%7D%2C%22sess%22%3A%2201F0VGF3X47YJP470BDHZ7YXZA%22%2C%22pvk%22%3A%2201F0VGF3X4W6EQ8QGWYM9YCESJ%22%2C%22hbho%22%3A%5B%2233across%22%2C%22openx%22%2C%22sovrn%22%5D%2C%22vbho%22%3A%5B%5D%7D%5D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/4a2b9a3/js/adthrive.min.js?threshold=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-52.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:47 GMT
via
1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
last-modified
Thu, 12 Nov 2020 16:17:57 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"711ef07ada64abbd94e9099392aa8d74"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
21
x-amz-cf-id
FTcFb1LmN-INbE3C9IEL9RpezXcOYM9AUMoxy8ZMnS1kwG4HOTmL4Q==
1.js
gdpr-consent-tool.privacymanager.io/1/ Frame 40D5 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/1.js
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d000:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4aebe9f353d16c265d3816d0af7025212057b8ee1f0b9c5f8e4038c33474908a

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FGOC_vuQY3byvnctq7lkNzmGr2N.RUUU
content-encoding
gzip
etag
W/"f8ea06752417450f8d6e1b48301233c4"
last-modified
Tue, 09 Mar 2021 22:29:57 GMT
server
AmazonS3
age
1526
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
date
Mon, 15 Mar 2021 17:30:20 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
iiWi7LNUUjiIRDybPNb7OsOz-vyWYK37F-h3STi_JRcujkiWam696g==
18.js
gdpr-consent-tool.privacymanager.io/1/ Frame 40D5 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/18.js
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/runtime.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d000:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80a57ab7bc860ab28ec83546b0569295aad2e5e95800affa2f2e038efad71fa6

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
E8fA580gBlwP.Q3j1k7zxbOmFQXQL7Gf
content-encoding
gzip
etag
W/"0b9b4013d321f9d5d1126a9300eb82a4"
last-modified
Tue, 09 Mar 2021 22:29:57 GMT
server
AmazonS3
age
1525
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
date
Mon, 15 Mar 2021 17:30:21 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
T_5FHO4Vc_WtBBA9kdaNQFlJEhgWC205v0g-h4Ab-odpcOT-AvGqmA==
blueLagoon.css
gdpr-consent-tool.privacymanager.io/1/ Frame 40D5 		34 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/blueLagoon.css
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d000:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ad70d8038e1a6102cd5cc5d667d2d02aabd6f578872098f2e87c8641d5c5438

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UzXLjZmJQggSfAoPRo0kFU3ySnBjwTfU
content-encoding
gzip
etag
W/"471d3804bfa4d4b0a3d10b6367996aa1"
last-modified
Tue, 09 Mar 2021 22:30:13 GMT
server
AmazonS3
age
1437
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
date
Mon, 15 Mar 2021 17:31:49 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
jX5i5Kr6h5t9kNK6Ul59uEjuQoeGG4So8IQ-pJDoaZKqdw779r6Kfw==
fingerprint-logo.png
gdpr.privacymanager.io/1/ Frame 40D5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdpr.privacymanager.io/1/fingerprint-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:4200:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48307114877d5b07454707dd9e225619dc2b438b76558e29748f1f9aee0bbf5a

Request headers

Referer
https://gdpr-consent-tool.privacymanager.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
MtJmVf77n2_qaagWn3rEFqMk4WY_tMCl
via
1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
etag
"b7cdca038062eecdc45c7351c6a539ad"
last-modified
Tue, 09 Mar 2021 22:31:07 GMT
server
AmazonS3
age
1551
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
must-revalidate,public,max-age=3600
date
Mon, 15 Mar 2021 17:29:54 GMT
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
2962
x-amz-cf-id
us1c3dN-crRpt9nNJxmIDss5BfwYmjwbM50U8-x2GrADQKSZUgvTQA==
icon-arrow-drop-up.svg
gdpr-consent-tool.privacymanager.io/1/ Frame 40D5 		327 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdpr-consent-tool.privacymanager.io/1/icon-arrow-drop-up.svg
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/blueLagoon.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d000:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
633b8904e9a0b26141294ecf0e2699f2f70781feeb000083cbb62d4c18e7d38a

Request headers

Origin
https://gdpr-consent-tool.privacymanager.io
Referer
https://gdpr-consent-tool.privacymanager.io/1/blueLagoon.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
k_4iL4sa0Pb9dRGrDn7_ki5JFpqNRhIn
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
etag
"b4d5dd379cde5531e15b9f0b5fd8f691"
last-modified
Tue, 09 Mar 2021 22:30:05 GMT
server
AmazonS3
age
1518
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
must-revalidate,public,max-age=3600
date
Mon, 15 Mar 2021 17:30:27 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
327
x-amz-cf-id
mByh5WTn_gIkeD6hiDTRV79E5bV_KVqrTG7w1qX3fkOqncp5OTA2wA==
open-sans-v18-700.woff2
gdpr-consent-tool.privacymanager.io/1/ Frame 40D5 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/open-sans-v18-700.woff2
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d000:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c22fe8c70c36f1d862903b772eaed864d3a8fa849473c9caff224fdb852428e4

Request headers

Origin
https://gdpr-consent-tool.privacymanager.io
Referer
https://gdpr-consent-tool.privacymanager.io/1/openSans.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xD5luZllJ9W.0eEyicipGuuj5jqh0Tzs
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
etag
"17c283b4e785e073ec09dc72acebafac"
last-modified
Tue, 09 Mar 2021 22:30:07 GMT
server
AmazonS3
age
2481
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
must-revalidate,public,max-age=3600
date
Mon, 15 Mar 2021 17:14:24 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
44988
x-amz-cf-id
nR8cgoISqVPkjeT-dbw1paNjwTSI7mU1ohu5Uo3e7UL0TXMC6L1GcA==
open-sans-v18-600.woff2
gdpr-consent-tool.privacymanager.io/1/ Frame 40D5 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gdpr-consent-tool.privacymanager.io/1/open-sans-v18-600.woff2
Requested by
Host: gdpr-consent-tool.privacymanager.io
URL: https://gdpr-consent-tool.privacymanager.io/1/openSans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d000:a:b6fc:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
486c67592731a0b36a89dba1fd0b97aeb73f236bbf60dbf28d7c6b5723c07989

Request headers

Origin
https://gdpr-consent-tool.privacymanager.io
Referer
https://gdpr-consent-tool.privacymanager.io/1/openSans.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
b7y8NcCn9PlmtYjLRht6P9kco8OT9mtY
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
etag
"97593b89e95959c7f41c47cf407d1f63"
last-modified
Tue, 09 Mar 2021 22:29:59 GMT
server
AmazonS3
age
1264
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
must-revalidate,public,max-age=3600
date
Mon, 15 Mar 2021 17:34:42 GMT
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
44936
x-amz-cf-id
1dDtDKnP29mWx_Q-SfsevSgpjtXFW39E4b2W-F_pZ-Reg5Plwj2i0Q==
poppins-v5-latin-ext_latin-regular.woff2
heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/poppins-v5-latin-ext_latin-regular.woff2
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
091bb0de0a818620d0fa529df0edee88a5ac2244b5396edbac0a527035cf4af7

Request headers

Origin
https://heavy.com
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:46 GMT
x-rq
ams5 101 97 3163
last-modified
Tue, 02 Mar 2021 16:12:53 GMT
server
nginx
age
1481
etag
"603e6405-28e0"
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
10464
expires
Tue, 15 Mar 2022 17:55:46 GMT
poppins-v5-latin-ext_latin-700.woff2
heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/poppins-v5-latin-ext_latin-700.woff2
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f5decc210dbe7320771b5ddf86e95be8c6d74d09ac53ab756d4bebcca49c5d3f

Request headers

Origin
https://heavy.com
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:46 GMT
x-rq
ams5 101 23 3187
last-modified
Tue, 02 Mar 2021 13:50:27 GMT
server
nginx
age
1481
etag
"603e42a3-2908"
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
10504
expires
Tue, 15 Mar 2022 17:55:46 GMT
pt-serif-v9-latin-ext_latin-regular.woff2
heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/pt-serif-v9-latin-ext_latin-regular.woff2
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1060ed99e26a253331d797ce0353b9aa7ffc012b7cf80da7bacf43749c06114e

Request headers

Origin
https://heavy.com
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:46 GMT
x-rq
ams5 102 109 3185
last-modified
Fri, 08 Jan 2021 08:05:33 GMT
server
nginx
age
672
etag
"5ff8124d-a580"
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
42368
expires
Tue, 15 Mar 2022 17:55:46 GMT
pt-serif-v9-latin-ext_latin-italic.woff2
heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/pt-serif-v9-latin-ext_latin-italic.woff2
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b1d24638581b5833b799ae0f4eac192daf1f2530fb04670f7f2ea467b2ee3a3c

Request headers

Origin
https://heavy.com
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:46 GMT
x-rq
ams5 103 40 3196
last-modified
Fri, 18 Dec 2020 10:21:11 GMT
server
nginx
age
672
etag
"5fdc8297-af88"
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
44936
expires
Tue, 15 Mar 2022 17:55:46 GMT
pt-serif-v9-latin-ext_latin-700.woff2
heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/pt-serif-v9-latin-ext_latin-700.woff2
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3f26811b5f4170494b7a5a22af74cef7086f9952b2db9940b94a9244f2da47ed

Request headers

Origin
https://heavy.com
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:46 GMT
x-rq
ams5 101 97 3163
last-modified
Tue, 02 Mar 2021 16:12:53 GMT
server
nginx
age
1712
etag
"603e6405-9090"
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
37008
expires
Tue, 15 Mar 2022 17:55:46 GMT
pt-serif-v9-latin-ext_latin-700italic.woff2
heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/pt-serif-v9-latin-ext_latin-700italic.woff2
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4d6c9287e830a38a21589c9424279b96eb2cc82e9093fd3518c89fb65d7b6e52

Request headers

Origin
https://heavy.com
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 17:55:46 GMT
x-rq
ams5 102 224 3162
last-modified
Mon, 01 Feb 2021 22:08:30 GMT
server
nginx
age
1798
etag
"60187bde-8ce8"
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
36072
expires
Tue, 15 Mar 2022 17:55:46 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| at_location string| at_path object| adthrive function| hvyWidgetsTargeting object| heavyJS function| _createClass function| _classCallCheck function| IOlazy string| heavyGAID string| GoogleAnalyticsObject function| ga number| heavySameSiteTrackingDelay object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| OneSignal number| oneSignalDelay object| _comscore object| _stq function| st_go function| linktracker_init object| wpcom object| trackingMap function| heavySameSiteTracking object| _atrk_opts function| udm_ object| ns_p object| COMSCORE function| atrk boolean| _atrk_fired object| googletag object| pbjs object| cmp object| gdprConfiguration object| node function| __tcfapi function| pbjsChunk object| _pbjsGlobals object| webVitals object| wpJsonpLiverampGdprCmp object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing

3 Cookies

Domain/Path Name / Value
.heavy.com/ Name: _gat
Value: 1
.heavy.com/ Name: _gid
Value: GA1.2.1024800382.1615830942
.heavy.com/ Name: _ga
Value: GA1.2.668397309.1615830942

4 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api warning URL: https://ads.adthrive.com/builds/core/4a2b9a3/gdpr/vendor/prebid/prebid.min.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api error URL: https://ads.adthrive.com/builds/core/4a2b9a3/js/adthrive.min.js?threshold=0(Line 17)
Message:
%cAdThrive::init color: #999; font-weight: bold; TypeError: Cannot read property 'getItem' of null
console-api error URL: https://ads.adthrive.com/builds/core/4a2b9a3/js/adthrive.min.js?threshold=0(Line 17)
Message:
%cindex::load color: #999; font-weight: bold; TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adthrive.com
cdn.onesignal.com
certify-js.alexametrics.com
certify.alexametrics.com
gdpr-consent-tool.privacymanager.io
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
heavy.com
logger.adthrive.com
pixel.wp.com
polyfill.io
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
13.226.159.124
13.226.159.21
13.226.159.52
13.226.159.69
142.250.186.162
192.0.66.32
192.0.76.3
23.37.53.17
2600:9000:206f:3000:11:2a6a:9480:93a1
2600:9000:206f:d000:a:b6fc:9800:93a1
2600:9000:2182:4200:16:f82a:8600:93a1
2606:4700::6810:7eaf
2606:4700::6812:e234
2a00:1450:4001:802::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2003
2a00:1450:400c:c09::9d
2a04:4e42::621
091bb0de0a818620d0fa529df0edee88a5ac2244b5396edbac0a527035cf4af7
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1060ed99e26a253331d797ce0353b9aa7ffc012b7cf80da7bacf43749c06114e
1b3e0b7b581a0e98cebcb81e65e84401ecdfea4a4b8119e7372888876359ca19
250a0280938365d9f83769f776b3834a605a6560ca3df785029ba97b6ddd5c4e
2c593fabdaf3d741819c74708f71dd112cda8777a48bacacb57c4783e2233594
2e3b1d34ac67763ab50652da19305d4b3694c6b6e6bf35f4b98411ce4af646d2
3f26811b5f4170494b7a5a22af74cef7086f9952b2db9940b94a9244f2da47ed
48307114877d5b07454707dd9e225619dc2b438b76558e29748f1f9aee0bbf5a
486c67592731a0b36a89dba1fd0b97aeb73f236bbf60dbf28d7c6b5723c07989
4aebe9f353d16c265d3816d0af7025212057b8ee1f0b9c5f8e4038c33474908a
4d6c9287e830a38a21589c9424279b96eb2cc82e9093fd3518c89fb65d7b6e52
4f4ca48834cdff36234cb6d6ed793c84f21594235a3e7853b5d904a2890bbf2b
51623dd3fe015b68f99eb2eaf0484a1f5c6d478601b422b0b9f68605cc36b60c
5293b05c3ff1365790debd62d063842f883107d47dfbda18eb4a3a2d9bb52e6a
5af9c3e8cb86cc5da1d61d1830fd282e957b934ad695e7ade6bb6ed7ea2af375
633b8904e9a0b26141294ecf0e2699f2f70781feeb000083cbb62d4c18e7d38a
7759e54f5a6c7c7fb2bbfe960a8987e05a205022750a3da5829f777509c6966d
80a57ab7bc860ab28ec83546b0569295aad2e5e95800affa2f2e038efad71fa6
83edd49c75612c0bbbf5565072adde4e188adf5d1005ca57ed9582cdd6e445f8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8769e85d6758bb6a8c28e82e3f8a4ef674c4c8e1e59ed1de97c9b724afd887fc
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9320506172fa70da0a413c0826c1973fe60a3bb2076617c3c0459f0b45daf255
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde
9ad70d8038e1a6102cd5cc5d667d2d02aabd6f578872098f2e87c8641d5c5438
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a8b87f264c9a62116462a03bf9ad802b00b10e091f40e3131af1a290780f98d1
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1d24638581b5833b799ae0f4eac192daf1f2530fb04670f7f2ea467b2ee3a3c
b407c3fc8744eb94790f1e6944de62e8f6cc2cef4eaebd84287018300c51a14a
b76dc912a6dfd69ae360eee56f94630c2e5accd215853d5b0675566b0fc2ad1c
b925b10658e33e914afb403288724c44a82441e1bba11b3112c9e4e560dfe378
c22fe8c70c36f1d862903b772eaed864d3a8fa849473c9caff224fdb852428e4
c2a2f3eb012e6c1a8652a3de2fe7b6de26afaa2d723f9cda3459421f490e70c2
c5faf44f76f1c8549ae2bc170252d2b94aa1f57a34c59d8123c71fb0469d264d
c80c206610c532f6b946da5b1bc16288f54bf028b0b6e2e98e90a59422ea6c28
cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1
d04569b315ddc299433fb15ea3b68ddf6f10cc3ff1ec6e36c4154e9a5b78d7f1
d6892f653cf61cfb84678d798fd47b833a6e9e097c1fa431e571e2812515dfd6
e1ebc79e2fc88e3ecc52cf02083666e467c05a7d2ce372b92f2077f816f26af4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e498820367fc2c927b499ef4475c0d4a51b3da8b5a88b4ef5fc94509c4732319
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5decc210dbe7320771b5ddf86e95be8c6d74d09ac53ab756d4bebcca49c5d3f
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
fe99480f280789531ba6a948a72f6d88d946ce92e5b5b08b279bbb2c7cd08a3f