g2rl.com Open in urlscan Pro
34.174.47.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://startg2rl.com/
Effective URL:
https://g2rl.com/
Submission: On November 05 via api (November 5th 2024, 11:00:46 am UTC) from US — Scanned from US

Summary HTTP 185 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 50 IPs in 3 countries across 43 domains to perform 185 HTTP transactions. The main IP is 34.174.47.50, located in Dallas, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is g2rl.com.
TLS certificate: Issued by R11 on November 4th 2024. Valid for: 3 months.

This is the only time g2rl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.182.110 172.67.182.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 59	34.174.47.50 34.174.47.50	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a05:d018:56f... 2a05:d018:56f:b800:f42c:e894:1fb0:3740	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:280... 2600:9000:2807:ea00:15:a0d3:77c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
5	104.18.141.119 104.18.141.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:ae5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:24cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.33.252.124 13.33.252.124	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
4	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
16	142.251.41.3 142.251.41.3	15169 (GOOGLE) (GOOGLE)
5	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	142.250.80.100 142.250.80.100	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::ac40:9284	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.138.106.49 108.138.106.49	16509 (AMAZON-02) (AMAZON-02)
1	2600:141b:1c0... 2600:141b:1c00:6::17df:d10d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:29:1... 2620:1ec:29:1::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 6	2600:9000:23c... 2600:9000:23cb:5c00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:2141:4000:4:d7e1:700:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.65.195 142.250.65.195	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
4 7	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2606:4700:440... 2606:4700:4400::ac40:92d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.164.96.90 18.164.96.90	16509 (AMAZON-02) (AMAZON-02)
13 16	2600:1f18:61c... 2600:1f18:61c0:2205:cf15:7f8d:3d18:6b74	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1f18:61c... 2600:1f18:61c0:220c:e0d8:1526:957f:3fdd	14618 (AMAZON-AES) (AMAZON-AES)
1	3.215.27.253 3.215.27.253	14618 (AMAZON-AES) (AMAZON-AES)
1	3.168.122.82 3.168.122.82	16509 (AMAZON-02) (AMAZON-02)
1	34.247.247.224 34.247.247.224	16509 (AMAZON-02) (AMAZON-02)
3	20.114.189.135 20.114.189.135	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.35.93.91 13.35.93.91	16509 (AMAZON-02) (AMAZON-02)
1	35.211.202.130 35.211.202.130	19527 (GOOGLE-2) (GOOGLE-2)
2 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	69.173.146.5 69.173.146.5	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	2001:4998:14:... 2001:4998:14:800::1001	14777 (YAHOO) (YAHOO)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1 2	68.67.179.155 68.67.179.155	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
185	50

1 172.67.182.110 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

startg2rl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 34.174.47.50 (Dallas, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 50.47.174.34.bc.googleusercontent.com

www.g2rl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g2rl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:56f:b800:f42c:e894:1fb0:3740 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

obseu.bzcclandlord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2807:ea00:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.141.119 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ae5b (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:24cf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.252.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-252-124.jfk50.r.cloudfront.net

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.251.41.3 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

meetings.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.80.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:9284 (United States)

ASN13335 (CLOUDFLARENET, US)

9133996.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:6::17df:d10d (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:23cb:5c00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2141:4000:4:d7e1:700:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:92d7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:1f18:61c0:2205:cf15:7f8d:3d18:6b74 (Ashburn, United States) 13 redirects

ASN14618 (AMAZON-AES, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:61c0:220c:e0d8:1526:957f:3fdd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

x.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.215.27.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-27-253.compute-1.amazonaws.com

ipv4.d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.168.122.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-122-82.jfk52.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.247.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-247-224.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

v.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.93.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-91.jfk50.r.cloudfront.net

tr-rc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.202.130 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 130.202.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.32.98 (Queens, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.146.5 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4998:14:800::1001 (United States) 1 redirects

ASN14777 (YAHOO, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.155 (North Bergen, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	g2rl.com 1 redirects www.g2rl.com g2rl.com	930 KB
25	adroll.com 14 redirects s.adroll.com — Cisco Umbrella Rank: 3395 d.adroll.com — Cisco Umbrella Rank: 1624 x.adroll.com — Cisco Umbrella Rank: 4422 ipv4.d.adroll.com — Cisco Umbrella Rank: 12598	51 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com	321 KB
13	google.com www.google.com — Cisco Umbrella Rank: 3	3 KB
11	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4621 forms-na1.hsforms.com — Cisco Umbrella Rank: 7161 perf.hsforms.com — Cisco Umbrella Rank: 15226	22 KB
10	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 321 www.linkedin.com — Cisco Umbrella Rank: 646 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	5 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 634 v.clarity.ms — Cisco Umbrella Rank: 6509 c.clarity.ms — Cisco Umbrella Rank: 1236	32 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	4 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	7 KB
5	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6770	156 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 348 c.bing.com — Cisco Umbrella Rank: 190	17 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	82 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	290 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 446	1 KB
3	hubspotusercontent-na1.net 9133996.fs1.hubspotusercontent-na1.net	6 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 267	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 415	981 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 495	594 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 516	515 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 462	831 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 609	1 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 283	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 373	1 KB
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3185 content.hotjar.io — Cisco Umbrella Rank: 6755	403 B
2	lfeeder.com sc.lfeeder.com — Cisco Umbrella Rank: 15419 tr-rc.lfeeder.com — Cisco Umbrella Rank: 19758	12 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1177	61 KB
2	hubspot.com meetings.hubspot.com — Cisco Umbrella Rank: 92987 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3687	3 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 77	12 KB
2	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 9316	1 KB
2	bzcclandlord.com obseu.bzcclandlord.com — Cisco Umbrella Rank: 126813	40 KB
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1107	364 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 867	582 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 881	360 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 413	1 KB
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 751	634 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 399	183 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
1	hscta.net js.hscta.net — Cisco Umbrella Rank: 27068	7 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5807	2 KB
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 12990	43 KB
1	startg2rl.com 1 redirects startg2rl.com	648 B
0	withgoogle.com Failed csp.withgoogle.com Failed
185	43

	Domain	Requested by
58	g2rl.com	g2rl.com
16	d.adroll.com	13 redirects s.adroll.com g2rl.com
16	fonts.gstatic.com	fonts.googleapis.com
13	www.google.com	js.hsforms.net www.googletagmanager.com www.gstatic.com
7	px.ads.linkedin.com	4 redirects snap.licdn.com g2rl.com
7	fonts.googleapis.com	g2rl.com js.hsforms.net
6	www.facebook.com	g2rl.com
6	s.adroll.com	1 redirects www.googletagmanager.com g2rl.com s.adroll.com
5	forms.hsforms.com	js.hsforms.net
5	js.hsforms.net	g2rl.com js.hsforms.net
4	forms-na1.hsforms.com	g2rl.com js.hsforms.net
4	connect.facebook.net	g2rl.com connect.facebook.net
4	www.googletagmanager.com	g2rl.com www.googletagmanager.com
3	pixel.tapad.com	2 redirects g2rl.com
3	v.clarity.ms	www.clarity.ms
3	www.clarity.ms	g2rl.com bat.bing.com www.clarity.ms
3	bat.bing.com	www.googletagmanager.com bat.bing.com g2rl.com
3	9133996.fs1.hubspotusercontent-na1.net	g2rl.com js.hsforms.net
2	c.clarity.ms	1 redirects
2	ib.adnxs.com	1 redirects g2rl.com
2	eb2.3lift.com	1 redirects g2rl.com
2	ups.analytics.yahoo.com	1 redirects g2rl.com
2	us-u.openx.net	1 redirects g2rl.com
2	idsync.rlcdn.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects g2rl.com
2	cm.g.doubleclick.net	2 redirects
2	match.adsrvr.org	2 redirects
2	x.adroll.com	s.adroll.com g2rl.com
2	px4.ads.linkedin.com	g2rl.com
2	perf.hsforms.com	g2rl.com
2	www.youtube.com	g2rl.com www.youtube.com
2	cdn.callrail.com	g2rl.com www.googletagmanager.com
2	obseu.bzcclandlord.com	g2rl.com obseu.bzcclandlord.com
1	c.bing.com	1 redirects
1	sync.taboola.com	g2rl.com
1	image2.pubmatic.com	g2rl.com
1	sync.outbrain.com	g2rl.com
1	pixel.rubiconproject.com	g2rl.com
1	pippio.com	1 redirects
1	x.bidswitch.net	g2rl.com
1	tr-rc.lfeeder.com	g2rl.com
1	content.hotjar.io	script.hotjar.com
1	vc.hotjar.io	script.hotjar.com
1	ipv4.d.adroll.com	g2rl.com
1	script.hotjar.com	static.hotjar.com
1	www.linkedin.com	1 redirects
1	www.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	sc.lfeeder.com	g2rl.com
1	snap.licdn.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	cta-service-cms2.hubspot.com	js.hscta.net
1	meetings.hubspot.com	static.hsappstatic.net
1	js.hscta.net	g2rl.com
1	static.hsappstatic.net	g2rl.com
1	www.clickcease.com	g2rl.com
1	www.g2rl.com	1 redirects
1	startg2rl.com	1 redirects
0	csp.withgoogle.com Failed
185	59

This site contains links to these domains. Also see Links.

Domain
meetings.hubspot.com
twitter.com
www.linkedin.com
www.facebook.com

Subject Issuer	Validity	Valid
g2rl.com R11	`2024-11-04` - `2025-02-02`	3 months	crt.sh
*.bzcclandlord.com ZeroSSL ECC Domain Secure Site CA	`2024-10-22` - `2025-01-20`	3 months	crt.sh
clickcease.com Amazon RSA 2048 M03	`2024-10-26` - `2025-11-24`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
hsforms.net WE1	`2024-10-09` - `2025-01-07`	3 months	crt.sh
hsappstatic.net WE1	`2024-11-04` - `2025-02-02`	3 months	crt.sh
hscta.net WE1	`2024-09-26` - `2024-12-25`	3 months	crt.sh
swappy.callrail.com Amazon RSA 2048 M03	`2024-06-10` - `2025-07-09`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-14` - `2024-11-12`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
hsforms.com WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
hubspot.com WE1	`2024-10-03` - `2025-01-01`	3 months	crt.sh
hubspotusercontent-na1.net WE1	`2024-10-27` - `2025-01-26`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
*.lfeeder.com Amazon RSA 2048 M02	`2024-02-20` - `2025-03-20`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
d.adroll.com Amazon RSA 2048 M03	`2024-09-08` - `2025-10-07`	a year	crt.sh
*.adroll.com Amazon RSA 2048 M02	`2024-07-03` - `2025-07-31`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://g2rl.com/
Frame ID: 600B1505C7CEE1A5C2C8A26B9D0E678B
Requests: 152 HTTP requests in this frame

Frame: https://meetings.hubspot.com/traci-parrish/book-a-call-website?embed=true&parentHubspotUtk=ddd18164f4476e81643b844481811487&parentPageUrl=https://g2rl.com/
Frame ID: D6ABE968E44CAB7D6955BE35A0B32AFE
Requests: 1 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: 3F3DBAAC207F3E1AA8F7F87D845D1716
Requests: 5 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: E77D1899E92DDF066096D8793EBE0FEF
Requests: 6 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: 794ABEB9EFCD6490B5F291D3696178C5
Requests: 6 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: C66800749345DC44B4E18B1987165270
Requests: 6 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fg2rl.com
Frame ID: A0BD184CF1246F4DE39C4D4A7CF8C382
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9nMnJsLmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&badge=inline&cb=moyz3yiu1vs5
Frame ID: C59AECF8ECB0E4FCACBD1760C1060DD2
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9nMnJsLmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&badge=inline&cb=moyz3yiu1vs5
Frame ID: 6D33B7193C8492B4DBE1374725BF6965
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9nMnJsLmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&badge=inline&cb=9pxy83bc0t4v
Frame ID: 4DC1752BC7CB0C89F25CCF441C2CE7D6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9nMnJsLmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&badge=inline&cb=9pxy83bc0t4v
Frame ID: F01EC5C035B111533BE1CB737DAEDEDC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9nMnJsLmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&badge=inline&cb=bhqfmcp48u6p
Frame ID: 23F72C35D0AFD423A65DCD2F343466CD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9nMnJsLmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&badge=inline&cb=bhqfmcp48u6p
Frame ID: 5A20BFDAD276CABE7DBC1BFC3DFF461E
Requests: 1 HTTP requests in this frame

Frame: https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW
Frame ID: 8C40EF63C2B50E1CDB2C06EB0CFAEA9A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: CF6804C6DB77663DF89B3E6D10993B04
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 96CC1A99F5770DC5F19BD3F7CEF38F35
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: F6D1DD769CC4F74F972E578A490B296F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Reverse Logistics Solutions - To simplify returns management

Page URL History Show full URLs

https://startg2rl.com/ HTTP 301
http://www.g2rl.com/ HTTP 307
https://www.g2rl.com/ HTTP 301
https://g2rl.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

185
Requests

90 %
HTTPS

41 %
IPv6

43
Domains

59
Subdomains

50
IPs

3
Countries

2112 kB
Transfer

7097 kB
Size

78
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://meetings.hubspot.com/traci-parrish/g2rl
Title: Book a Demo

Search URL Search Domain Scan URL

URL: https://twitter.com/g2reverse

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/g2rl/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/G2ReverseLogistics

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://startg2rl.com/ HTTP 301
http://www.g2rl.com/ HTTP 307
https://www.g2rl.com/ HTTP 301
https://g2rl.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 133

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6468018&time=1730804440328&li_adsId=8d6d7598-e245-4ed5-99a4-a7cd0450c257&url=https%3A%2F%2Fg2rl.com%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6468018&time=1730804440328&li_adsId=8d6d7598-e245-4ed5-99a4-a7cd0450c257&url=https%3A%2F%2Fg2rl.com%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D6468018%26time%3D1730804440328%26li_adsId%3D8d6d7598-e245-4ed5-99a4-a7cd0450c257%26url%3Dhttps%253A%252F%252Fg2rl.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6468018&time=1730804440328&li_adsId=8d6d7598-e245-4ed5-99a4-a7cd0450c257&url=https%3A%2F%2Fg2rl.com%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6468018&time=1730804440328&li_adsId=8d6d7598-e245-4ed5-99a4-a7cd0450c257&url=https%3A%2F%2Fg2rl.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJan17uTm1QRgAAAZL7-9_VZAdalBtDkVODlWYLwFodCZzcYcsRwsdLAjga3CLblQtV3Q

Request Chain 138

https://s.adroll.com/j/pre/3WZ43R6WAFAM7JXEMV3ATW/2XCWOL76XJHIFCN573YYME/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 161

https://px.ads.linkedin.com/collect/?pid=3612252&fmt=gif HTTP 302
https://px4.ads.linkedin.com/collect/?pid=3612252&fmt=gif&e_ipv6=AQKk5U78naBswgAAAZL7--CpKlhCeoZfwEhqfA0moPlM8HqAimvgXs7GJtYIaZ4iHbFkTQ

Request Chain 162

https://d.adroll.com/cm/b/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA

Request Chain 163

https://d.adroll.com/cm/experian/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8e63e415-1f3a-4451-9b61-05d9ed42a502%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8e63e415-1f3a-4451-9b61-05d9ed42a502%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=57e8889e-467f-488c-9c20-3d980b8e1aed&ttd_puid=8e63e415-1f3a-4451-9b61-05d9ed42a502%2C%2C

Request Chain 164

https://d.adroll.com/cm/g/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=JXecN9QLaFKYfhuOhWjSAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=JXecN9QLaFKYfhuOhWjSAA&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 165

https://d.adroll.com/cm/index/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&expiration=1762340441 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&expiration=1762340441&C=1

Request Chain 166

https://d.adroll.com/cm/l/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=25779c37d40b6852987e1b8e8568d200 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogMjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDAQABoNCNn1p7kGEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=f7c1a82ad4d3a76344f7c691418c39dd50fd699184d5bdc0e5683d3d2de74d3f791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f7c1a82ad4d3a76344f7c691418c39dd50fd699184d5bdc0e5683d3d2de74d3f791426b5417dce21&rand=09385660

Request Chain 167

https://d.adroll.com/cm/n/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&expires=365

Request Chain 168

https://d.adroll.com/cm/o/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=25779c37d40b6852987e1b8e8568d200&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=25779c37d40b6852987e1b8e8568d200&gdpr=0&gdpr_consent=

Request Chain 169

https://d.adroll.com/cm/outbrain/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 170

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 171

https://d.adroll.com/cm/r/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 172

https://d.adroll.com/cm/taboola/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA

Request Chain 173

https://d.adroll.com/cm/triplelift/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

Request Chain 174

https://d.adroll.com/cm/x/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA

Request Chain 179

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=0213E23EC81449FD801FBFC0CCF076CA&RedC=c.clarity.ms&MXFR=28EC2E7B89B16C053E0C3B558DB162B6 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0213E23EC81449FD801FBFC0CCF076CA&MUID=3D4193A86A42633D0AB086866BFC620D

185 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
g2rl.com/
Redirect Chain

https://startg2rl.com/
http://www.g2rl.com/
https://www.g2rl.com/
https://g2rl.com/

82 KB
19 KB

1260ms
1257ms

Document
text/html

34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c528907dcbf84fc70d2b5b05506695d3dcdaf327677aeb71194095fb22c9c6ec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Nov 2024 11:00:38 GMT
expires: Tue, 05 Nov 2024 11:00:37 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
link: <https://g2rl.com/wp-json/>; rel="https://api.w.org/" <https://g2rl.com/wp-json/wp/v2/pages/3863>; rel="alternate"; title="JSON"; type="application/json" <https://g2rl.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding
x-httpd-modphp: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:

Redirect headers

cache-control: max-age=3600
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Nov 2024 11:00:37 GMT
expires: Tue, 05 Nov 2024 12:00:37 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
location: https://g2rl.com/
server: nginx
vary: Accept-Encoding
x-httpd-modphp: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0301 NC:000000 UP:
x-redirect-by: WordPress

GET
H2 200 cf543ef3f2dc037b6ef97ec9cf73783a.js Show response
obseu.bzcclandlord.com/i/ 108 KB
40 KB 469ms
150ms Script
text/javascript 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.bzcclandlord.com/i/cf543ef3f2dc037b6ef97ec9cf73783a.js
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 51c8e3a5ec1bdefa1f4ccecac4fab42e61a55202172cb174cdceaa6c24e785e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

expires: Tue, 05 Nov 2024 23:00:39 GMT
cache-control: max-age=43200
content-encoding: gzip
content-length: 40443
date: Tue, 05 Nov 2024 11:00:39 GMT
etag: "1afe9-kqD49xhx8bmmQVMDBrgERi965Ys"
content-type: text/javascript; charset=utf-8

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 142 KB
43 KB 257ms
72ms Script
application/javascript 2600:9000:2807:ea00:15:a0d3:77c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2807:ea00:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: gzip
etag: W/"e112b8bf96f23bc2970347a3c98e37fc"
x-amz-version-id: Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
age: 2
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: owewBJ0HVEXO0IkvGcGY80d7Rc-sBxPG1jazxyHdVOBKuhau9pBWqQ==
date: Tue, 05 Nov 2024 11:00:37 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Tue, 12 Sep 2023 09:05:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
referrer-policy: no-referrer-when-downgrade
via: 1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-pop: JFK52-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 homenew-v2.css
g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/ 32 KB
6 KB 86ms
78ms Stylesheet
text/css 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/homenew-v2.css?ver=6.6.2
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0b93c57fcf0a1cfcddb69483483665fc22cb8f6ab4fc874d49fcaa5e1281128b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Tue, 13 Aug 2024 20:25:16 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Wed, 10 Sep 2025 23:39:55 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 style.css
g2rl.com/wp-content/themes/wp-bootstrap-starter/ 21 KB
5 KB 87ms
80ms Stylesheet
text/css 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter/style.css?ver=6.6.2
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: aaeaaae09aa6f3a7ec8995204a240f1553951f8e76010f07ccb718b520410245

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Fri, 26 Jul 2024 02:20:07 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Wed, 10 Sep 2025 23:39:55 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 bootstrap.min.css
g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/css/ 157 KB
21 KB 92ms
85ms Stylesheet
text/css 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/css/bootstrap.min.css?ver=6.6.2
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Thu, 13 Jan 2022 09:26:41 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Wed, 10 Sep 2025 23:39:55 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 fontawesome.min.css
g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/css/ 58 KB
12 KB 145ms
138ms Stylesheet
text/css 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/css/fontawesome.min.css?ver=6.6.2
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Thu, 13 Jan 2022 09:26:41 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Wed, 10 Sep 2025 23:39:55 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 style.css
g2rl.com/wp-content/themes/wp-bootstrap-starter-child/ 540 B
525 B 145ms
139ms Stylesheet
text/css 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/style.css?ver=6.6.2
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: fd6cdeb254f5369330b00aa8b40c774e600a8e303efa6f18503facbc0cb916bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Tue, 13 Aug 2024 20:25:12 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Wed, 10 Sep 2025 23:39:55 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 journal.css
g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/css/presets/theme-option/ 192 KB
20 KB 151ms
144ms Stylesheet
text/css 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/css/presets/theme-option/journal.css?ver=6.6.2
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: cb7d5e85b33db386c0baed2caa251913c16724908884bce34b7c9a9ec89f7510

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Thu, 13 Jan 2022 09:26:41 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Wed, 10 Sep 2025 23:39:55 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 249ms
81ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=6.6.2

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0209de090ef97534811361ed4b2a7438ce52a68f1414bc2befabffbfd8000482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 11:00:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 11:00:39 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 05 Nov 2024 09:37:42 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 roboto-roboto.css
g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/css/presets/typography/ 1 KB
644 B 151ms
146ms Stylesheet
text/css 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/css/presets/typography/roboto-roboto.css?ver=6.6.2
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d6ce3851cd01c07c44e286dd874a4d7b10e0d5b27f5aebc48ee6fd48ae5b0331

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Thu, 13 Jan 2022 09:26:41 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Wed, 10 Sep 2025 23:39:55 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 aos.css
g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/ 25 KB
2 KB 150ms
146ms Stylesheet
text/css 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/aos.css?ver=6.6.2
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Tue, 13 Aug 2024 20:25:15 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Wed, 10 Sep 2025 23:39:55 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 style.css
g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/ 96 KB
11 KB 150ms
146ms Stylesheet
text/css 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/style.css?ver=6.6.2
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 928ae3ed0db26f4c242f351a3cf42beabe25155bf00b42a93c0058fcdc9f503c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Tue, 13 Aug 2024 20:25:17 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Wed, 10 Sep 2025 23:39:55 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
923 B 251ms
85ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans%3Aital%2Cwght%400%2C100..900%3B1%2C100..900&display=swap&ver=6.6.2

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c5a8ce140130a62a181c2798f7d5a9c3f109de8e106530a5f394b99e437d4dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 11:00:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 11:00:39 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 05 Nov 2024 10:08:54 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 jquery.min.js Show response
g2rl.com/wp-includes/js/jquery/ 86 KB
29 KB 150ms
147ms Script
application/javascript 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Fri, 10 Nov 2023 07:44:47 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Mon, 08 Sep 2025 12:12:28 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 jquery-migrate.min.js Show response
g2rl.com/wp-includes/js/jquery/ 13 KB
5 KB 153ms
151ms Script
application/javascript 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Fri, 11 Aug 2023 11:20:54 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Mon, 08 Sep 2025 12:12:28 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 front-end.js Show response
g2rl.com/wp-content/plugins/clickcease-click-fraud-protection/includes/assets/js/ 2 KB
1 KB 150ms
148ms Script
application/javascript 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/plugins/clickcease-click-fraud-protection/includes/assets/js/front-end.js?ver=1.0
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 12ff790a17c7e80011c1a3481ccfe3640f5f90bd981574fda88509ca9f22850d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Thu, 15 Aug 2024 17:56:48 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Mon, 08 Sep 2025 12:12:28 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 custom.js Show response
g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/js/ 9 KB
2 KB 152ms
150ms Script
application/javascript 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/js/custom.js?ver=6.6.2
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a614dbe8ef4881f08eea0c25b429dcaa5c4e90a075f6ed203db32d8f6f9ca0a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Tue, 13 Aug 2024 20:25:22 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Wed, 10 Sep 2025 23:39:55 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 aos.js Show response
g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/js/ 14 KB
4 KB 152ms
150ms Script
application/javascript 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/js/aos.js?ver=6.6.2
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a5bb856654de837ac686dfa1f62d0a6b40b0f2d86adf90e2ae94354a392a3af7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Tue, 13 Aug 2024 20:25:22 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Wed, 10 Sep 2025 23:39:55 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 g2rl-logo-light.png
g2rl.com/wp-content/uploads/2024/07/ 5 KB
5 KB 66ms
66ms Image
image/png 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2024/07/g2rl-logo-light.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 662bed428b1e907d07416345e7493715f2e3584758b760b461637a19ddbca745

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-proxy-cache-info: 0 NC:000000 UP:
cache-control: private, max-age=10368000, public
expires: Wed, 05 Mar 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 5010
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/png
last-modified: Wed, 10 Jul 2024 19:58:12 GMT
server: nginx
x-httpd-modphp: 1
vary: Accept-Encoding,Accept

GET
H3 200 v2.js Show response
js.hsforms.net/forms/ 484 KB
156 KB 108ms
44ms Script
application/javascript 104.18.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-request-id: e37b3e44-f867-4ff6-a3fd-1bcd7a4081d1
content-encoding: gzip
cf-cache-status: HIT
etag: W/"53fa063fb1734ce6bb187c96e7665972"
x-amz-version-id: kLVNDW8Ykh6K0rP5.B3EI30fJIwAAkz3
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guptm05ZR5btf6g7xJMwHzdZ%2FyMieAmGL0mY2lDJ6dAnwsiR%2B9NoxrVUhhg6swYeLpJjDf8mYO8a8K4nhPOEzOoP%2F1kwtYJ32DFzoCDH5tCfMLVwV%2F1q6cRacpHACoWk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: HVHlI3-Ic_vzp9afJA_bLlYq2V-bmVrobOfBuk78VUzW-vCWb5ffAA==
x-hubspot-correlation-id: e37b3e44-f867-4ff6-a3fd-1bcd7a4081d1
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Sep 2024 16:16:42 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7df4f6b649-krlhh
x-envoy-upstream-service-time: 1
x-hs-target-asset: forms-embed/static-1.6227/bundles/project-v2.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.6227/bundles/project-v2.js&cfRay=8d68348c0b450612-IAD
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-ray: 8ddc57608bfa74a2-MIA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 hero-image.png
g2rl.com/wp-content/uploads/2024/08/ 48 KB
49 KB 64ms
63ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2024/08/hero-image.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3a3f96f43c85e2de8e6510cba7861ff1deaa5a19906bfa1797b203c0bbe06775

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 49462
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Tue, 13 Aug 2024 21:42:43 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 NoPath-Copy-7-comp.png
g2rl.com/wp-content/uploads/2021/11/ 3 KB
3 KB 67ms
66ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/NoPath-Copy-7-comp.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a3ab12919de2f006ed612940a614e675ec93fd24aab3e46747760c9dfae68f91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 2846
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 13 Jan 2022 10:35:29 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 DC-velocity-comp.png
g2rl.com/wp-content/uploads/2021/11/ 2 KB
2 KB 72ms
67ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/DC-velocity-comp.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9fa38455f9426d4d8227a364386f76bff582c419bdb3dca88a2f3378001809cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 1784
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 13 Jan 2022 10:35:29 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 Yahoo-finance-comp.png
g2rl.com/wp-content/uploads/2021/11/ 2 KB
2 KB 72ms
67ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/Yahoo-finance-comp.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c06dad8629705c39e74281b2b01e02a3f62b8d2b543b3970b9293c6e706ce1b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 2078
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 13 Jan 2022 10:35:29 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 NoPath-Copy-98-comp.png
g2rl.com/wp-content/uploads/2021/11/ 2 KB
3 KB 65ms
63ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/NoPath-Copy-98-comp.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a06c603b0c764d48edec70e90931e2189f7e24f08cbc46e262964c67a1575a74

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 2558
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 13 Jan 2022 10:35:29 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 NoPath-Copy-92-comp.png
g2rl.com/wp-content/uploads/2021/11/ 2 KB
2 KB 63ms
63ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/NoPath-Copy-92-comp.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6641e2c1eb0f753b5903ae672fc1bde19de32d4c70784245ddb94f61380d1a5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 2052
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 13 Jan 2022 10:35:29 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 NoPath-Copy-9-comp-1.png
g2rl.com/wp-content/uploads/2021/11/ 3 KB
3 KB 66ms
64ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/NoPath-Copy-9-comp-1.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 07bbce37083a40832a43ef761a6039832a82a0d07005392585a13a11e2f57b88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 2806
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 13 Jan 2022 10:35:29 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 gartner-logo.jpg
g2rl.com/wp-content/uploads/2023/12/ 2 KB
2 KB 66ms
64ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2023/12/gartner-logo.jpg
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 34698d431ea9a63c14f89d592ea86fe5d8ef4d79fe02a23d44081d7a5cb30930

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 1920
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 21 Dec 2023 12:40:50 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 Omni-channel-returns_2_Omni-1.png
g2rl.com/wp-content/uploads/2024/01/ 15 KB
15 KB 74ms
68ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2024/01/Omni-channel-returns_2_Omni-1.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 105314c2b5fbd4132702401c9978a400c15506f0a29c3b1d220adcbbfcae3e24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 15094
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 04 Jan 2024 10:53:32 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 warhouse-with-reap_warehouse-with-reap.png
g2rl.com/wp-content/uploads/2024/01/ 231 KB
231 KB 67ms
66ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2024/01/warhouse-with-reap_warehouse-with-reap.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: fb920c9b839d00bbf731a303dcb12dd62d577a62a61691cab49a0c788659781a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 236120
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 04 Jan 2024 10:56:11 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 herb-shearpic.png
g2rl.com/wp-content/uploads/2022/01/ 4 KB
4 KB 82ms
82ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2022/01/herb-shearpic.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8504f84d408b3a42dc3b6171879ed28e90eb8da78ba10843e9f838206eb5f419

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 3810
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Fri, 28 Jan 2022 10:44:15 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 new_homepage_platform.png
g2rl.com/wp-content/uploads/2024/07/ 118 KB
118 KB 74ms
73ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2024/07/new_homepage_platform.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8f793d8642f369bc67bf0554717fdf70f7eaf80d7d2e0c85013931669807decf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 120702
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 25 Jul 2024 00:58:28 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 new_homepage_platform-1.png
g2rl.com/wp-content/uploads/2024/07/ 118 KB
118 KB 137ms
137ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2024/07/new_homepage_platform-1.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8f793d8642f369bc67bf0554717fdf70f7eaf80d7d2e0c85013931669807decf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 120702
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 25 Jul 2024 00:58:35 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 Group-1611-comp.png
g2rl.com/wp-content/uploads/2021/11/ 2 KB
2 KB 114ms
114ms Image
image/png 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/Group-1611-comp.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a92623f7e133847ad13d9c6133bf4d64c88df8389c35cadd91ca9c3d7ff4a1ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-proxy-cache-info: 0 NC:000000 UP:
cache-control: private, max-age=10368000, public
expires: Wed, 05 Mar 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 1642
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/png
last-modified: Thu, 13 Jan 2022 09:27:42 GMT
server: nginx
x-httpd-modphp: 1
vary: Accept-Encoding,Accept

GET
H2 200 Group-1612-comp.png
g2rl.com/wp-content/uploads/2021/11/ 1 KB
2 KB 82ms
77ms Image
image/png 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/Group-1612-comp.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 66477d55d55565b434250e8a96d2e37968b1b2b29303fb2129f30f9869e7dc89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-proxy-cache-info: 0 NC:000000 UP:
cache-control: private, max-age=10368000, public
expires: Wed, 05 Mar 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 1308
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/png
last-modified: Thu, 13 Jan 2022 09:27:42 GMT
server: nginx
x-httpd-modphp: 1
vary: Accept-Encoding,Accept

GET
H2 200 HASSLE-FREE-2-comp.png
g2rl.com/wp-content/uploads/2021/11/ 1 KB
2 KB 65ms
64ms Image
image/png 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/HASSLE-FREE-2-comp.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5a2a5cc7fd27bd3d00ab2d5cebf9c6bbdd8b347e29658b97ad8efa74f8eecefd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-proxy-cache-info: 0 NC:000000 UP:
cache-control: private, max-age=10368000, public
expires: Wed, 05 Mar 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 1251
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/png
last-modified: Thu, 13 Jan 2022 09:27:42 GMT
server: nginx
x-httpd-modphp: 1
vary: Accept-Encoding,Accept

GET
H2 200 reverse-logistics.png
g2rl.com/wp-content/uploads/2024/01/ 24 KB
24 KB 80ms
79ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2024/01/reverse-logistics.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ca8e57ec3ed2595abb3b64a95bbeec118ef3fae847e11071b1d22f5c99de0f8e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 24284
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 04 Jan 2024 15:48:30 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 NoPath-Copy-998-comp.png
g2rl.com/wp-content/uploads/2021/11/ 285 B
592 B 65ms
63ms Image
image/png 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/NoPath-Copy-998-comp.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 46d02a869720d931497398ddde2c0f44aa1fe77ed1607dc2bcbbe37649e067b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-proxy-cache-info: 0 NC:000000 UP:
cache-control: private, max-age=10368000, public
expires: Wed, 05 Mar 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 285
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/png
last-modified: Thu, 13 Jan 2022 09:27:42 GMT
server: nginx
x-httpd-modphp: 1
vary: Accept-Encoding,Accept

GET
H2 200 NoPath-Copy-99-comp.png
g2rl.com/wp-content/uploads/2021/11/ 2 KB
2 KB 66ms
65ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/NoPath-Copy-99-comp.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 28d52b46d6134dddfe78aa45e66d0f637383a4b0690d973fa4650d3db62329fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 2076
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 13 Jan 2022 10:35:29 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 Group-1648.png
g2rl.com/wp-content/uploads/2021/11/ 2 KB
2 KB 65ms
64ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/Group-1648.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b06d9fe09c06e3241809a6e2c15d373eae2de182880b0ac30547bb36df521dd0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 1750
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 13 Jan 2022 10:35:29 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 Group-1635-1.png
g2rl.com/wp-content/uploads/2021/11/ 19 KB
19 KB 64ms
63ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/Group-1635-1.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1056d68f706581190004d1725450ee67e8417d2014a459d7770f810a3d9e7458

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 19358
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 13 Jan 2022 10:35:29 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 Group-1285.png
g2rl.com/wp-content/uploads/2021/11/ 11 KB
11 KB 64ms
64ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/Group-1285.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b6647f7cf292b255d218b39eff4ca4f223229ea1ace307a730419ad80ea315a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 10964
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 13 Jan 2022 10:35:29 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 Group-47619.png
g2rl.com/wp-content/uploads/2024/07/ 32 KB
32 KB 64ms
63ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2024/07/Group-47619.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9b8e31f4a485a515f743e6694851e04fe06871a72e423847c0a568f43321793b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 32386
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Tue, 30 Jul 2024 03:44:00 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 twitter-ic.png
g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/images/ 2 KB
3 KB 65ms
63ms Image
image/png 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/images/twitter-ic.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4bd32a9d86ff5386d55ccd2556d23898e6da13329a6252c4fa1453f27945475f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-proxy-cache-info: 0 NC:000000 UP:
cache-control: private, max-age=10368000, public
expires: Wed, 05 Mar 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 2288
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/png
last-modified: Tue, 13 Aug 2024 20:25:21 GMT
server: nginx
x-httpd-modphp: 1
vary: Accept-Encoding,Accept

GET
H2 200 linkedin-ic.png
g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/images/ 2 KB
2 KB 65ms
64ms Image
image/png 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/images/linkedin-ic.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 452f4eb2800bff5b7af11064df3206ef0fb05920e35cbc34295c88d57d1a1264

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-proxy-cache-info: 0 NC:000000 UP:
cache-control: private, max-age=10368000, public
expires: Wed, 05 Mar 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 1874
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/png
last-modified: Tue, 13 Aug 2024 20:25:20 GMT
server: nginx
x-httpd-modphp: 1
vary: Accept-Encoding,Accept

GET
H2 200 facebook-icon.png
g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/images/ 561 B
868 B 65ms
65ms Image
image/png 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/images/facebook-icon.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 19bea8d13b5a8a0eb62201ca77dd46ecaee5a919f8540276d1b5f594d847ce48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-proxy-cache-info: 0 NC:000000 UP:
cache-control: private, max-age=10368000, public
expires: Wed, 05 Mar 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 561
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/png
last-modified: Tue, 13 Aug 2024 20:25:18 GMT
server: nginx
x-httpd-modphp: 1
vary: Accept-Encoding,Accept

GET
H2 200 close-ic.png
g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/images/ 15 KB
15 KB 65ms
64ms Image
image/png 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/images/close-ic.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f1ad7f541337269a6a9d5ef95c31853c49bd2734162a65589eac30690eab1a7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-proxy-cache-info: 0 NC:000000 UP:
cache-control: private, max-age=10368000, public
expires: Wed, 05 Mar 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 15269
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/png
last-modified: Tue, 13 Aug 2024 20:25:18 GMT
server: nginx
x-httpd-modphp: 1
vary: Accept-Encoding,Accept

GET
H2 200 MeetingsEmbedCode.js Show response
static.hsappstatic.net/MeetingsEmbed/ex/ 3 KB
2 KB 144ms
45ms Script
application/javascript 2606:4700::6811:ae5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/MeetingsEmbed/ex/MeetingsEmbedCode.js

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ae5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07b09e81ab00ae1afcd4d740bd58a24a5bdebd799cfd3d50c34baf8d9cd299c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"38897a45f9aedebed44ddc436fdf1736"
x-amz-version-id: jkP1jmhSg6irnUdp_Mf5x_aNZT.NFazW
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kOJzFeIogEPB%2Bb2GO1jrm%2F8XhgdlUqpLkzQbyGZpWLtii%2FfPBZqXni8KanylEwhlXzXd3nydqMTru3KnMeSWochZG4ggnru1SqfhQ0lPU3GIl8TXIBh8M8qL5AqEX4IutHCqCGcafce8PKGT36uIOtOQIBs%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 05 Nov 2024 11:01:39 GMT
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 64kBasKnYDrQ2IWreIyg6ZEpslKQuB35NVYr98pde4llm6EToqledA==
date: Tue, 05 Nov 2024 11:00:39 GMT
content-type: application/javascript
last-modified: Mon, 09 Sep 2024 14:35:58 GMT
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-replication-status: COMPLETED
cache-control: public, max-age=60
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via: 1.1 f7622d34f14a4da761ccec4819140f94.cloudfront.net (CloudFront)
cf-ray: 8ddc5762880b8daf-MIA
x-amz-cf-pop: MIA3-P8
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 current.js Show response
js.hscta.net/cta/ 19 KB
7 KB 143ms
44ms Script
application/javascript 2606:4700::6811:24cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscta.net/cta/current.js

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:24cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19b8b7a969cd613a5f4af1598a649b33456bef5c22d09fe4a5c5459ab4fe50fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-request-id: 1b1f6510-6bab-41a3-aa37-a370baea6fc8
content-encoding: gzip
cf-cache-status: HIT
etag: W/"49dc870f22dc7e8bef174360be6097bc"
x-amz-version-id: W9oj2sVh6Qn00LXbZPOqsSo8Yj5Mq5qt
cache-tag: staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
age: 29
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: wisEQAt_52pOzkI9IwY3wHtHNxLe2wZH1BPbHz-S1LljgRjmp77HmQ==
x-hubspot-correlation-id: 1b1f6510-6bab-41a3-aa37-a370baea6fc8
content-type: application/javascript; charset=utf-8
last-modified: Thu, 10 Oct 2024 11:44:56 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-g6kz6
x-envoy-upstream-service-time: 3
x-hs-target-asset: cta-embed-js/static-1.323/bundles/current.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: MISS
date: Tue, 05 Nov 2024 11:00:39 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=cta-embed-js/static-1.323/bundles/current.js&cfRay=8dd3268b1a0f5746-IAD
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
cf-ray: 8ddc57628ccbdaf9-MIA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 popper.min.js Show response
g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/js/ 21 KB
7 KB 69ms
65ms Script
application/javascript 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/js/popper.min.js?ver=6.6.2
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Thu, 13 Jan 2022 09:26:41 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Wed, 10 Sep 2025 23:39:55 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 bootstrap.min.js Show response
g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/js/ 62 KB
14 KB 70ms
66ms Script
application/javascript 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/js/bootstrap.min.js?ver=6.6.2
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Thu, 13 Jan 2022 09:26:41 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Wed, 10 Sep 2025 23:39:55 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 theme-script.min.js Show response
g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/js/ 2 KB
1021 B 64ms
63ms Script
application/javascript 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/js/theme-script.min.js?ver=6.6.2
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e9b946627b24b2f8adddbe7cb098c0725bd20bcaf390f3ead267efc0b8636b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Thu, 13 Jan 2022 09:26:41 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Wed, 10 Sep 2025 23:39:55 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 skip-link-focus-fix.min.js Show response
g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/js/ 326 B
457 B 62ms
62ms Script
application/javascript 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/js/skip-link-focus-fix.min.js?ver=20151215
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 994b984ac2bf31f1cc1b5f3979584572cfaae4682ed9f67022056ae025874ebb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Thu, 13 Jan 2022 09:26:41 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Mon, 08 Sep 2025 12:12:29 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 wpmssab.min.js Show response
g2rl.com/wp-content/uploads/wpmss/ 83 B
358 B 65ms
64ms Script
application/javascript 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/uploads/wpmss/wpmssab.min.js?ver=1617548072
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0b481e105dca7e441a62cc4e684518ba50421328ff5c3ad7da7f7b5b8769fd6b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Thu, 13 Jan 2022 09:27:42 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Mon, 08 Sep 2025 12:12:29 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 SmoothScroll.min.js Show response
g2rl.com/wp-content/plugins/mousewheel-smooth-scroll/js/ 7 KB
3 KB 69ms
68ms Script
application/javascript 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/plugins/mousewheel-smooth-scroll/js/SmoothScroll.min.js?ver=1.4.10
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 620bd01c4c002f0889fdc659369a7b16f69ab51e0972d53baefd0798e2e09469

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Wed, 03 Apr 2024 20:56:04 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Mon, 08 Sep 2025 12:12:29 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 wpmss.min.js Show response
g2rl.com/wp-content/uploads/wpmss/ 198 B
424 B 67ms
67ms Script
application/javascript 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/uploads/wpmss/wpmss.min.js?ver=1617548072
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e02a866017333ce56a2e14fd0e21c4a5c55957e1e340ca9c07c5ac0d3fe17d76

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

last-modified: Thu, 13 Jan 2022 09:27:42 GMT
cache-control: max-age=31536000, public
content-encoding: br
expires: Mon, 08 Sep 2025 12:12:29 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/404048883/wp-0-5-3/ 32 B
577 B 226ms
80ms Script
text/javascript 13.33.252.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.callrail.com/companies/404048883/wp-0-5-3/swap.js?ver=6.6.2

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.252.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-252-124.jfk50.r.cloudfront.net

Software

Resource Hash

d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-request-id: 17ebdba2-7108-46f2-816c-4639a57b74bf
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: kAs9a9p89rQK5zkKKZYU9F03BfMvV9fb2lllQr4eSdbx9lWRH3-b8w==
date: Tue, 05 Nov 2024 11:00:39 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.006607
x-frame-options: SAMEORIGIN
cache-control: max-age=3600, public
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 a5aff17032e65d74ef5c955d5493c06e.cloudfront.net (CloudFront)
content-length: 32
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P10

GET
H2 200 css
fonts.googleapis.com/ 2 KB
517 B 88ms
83ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=News+Cycle:400,700

Requested by

Host: g2rl.com
URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/css/presets/theme-option/journal.css?ver=6.6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd04f0f5e2e88de7e2dd96f35f6064aa59e93db3b517417831d003d5d0039011

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 11:00:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 11:00:39 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 05 Nov 2024 10:21:00 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 331 KB
113 KB 254ms
102ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLDR9FS

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d40ba49c7905d23f0b3b922d2eeee1af4836047a238aa8e3ea8ab35cba138a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 05 Nov 2024 11:00:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 11:00:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 05 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 115005
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 131ms
64ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-Acodyx7a' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 11:00:39 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-Acodyx7a' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=23, mss=1232, tbw=4456, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: neD3Ysz1i8ogE7cGA7JrAEsZtOcox9GC8aigy4JTIkBDRPLtPLJa/IbqroM9GAE7GA7lvjeDMzbPwb6+eOm6zA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 green_arrow.svg
g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/images/ 869 B
710 B 62ms
62ms Image
image/svg+xml 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/images/green_arrow.svg
Requested by: Host: g2rl.com
URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/style.css?ver=6.6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: fa6b96fc0c729315461c6a84f8984a7969962977a3b21055c5f18b0068c5f9bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/style.css?ver=6.6.2

Response headers

last-modified: Tue, 13 Aug 2024 20:25:19 GMT
cache-control: max-age=10368000, public
content-encoding: br
expires: Mon, 06 Jan 2025 12:12:30 GMT
x-proxy-cache: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp: 1
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
server: nginx

GET
H3 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
39 KB 141ms
65ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans%3Aital%2Cwght%400%2C100..900%3B1%2C100..900&display=swap&ver=6.6.2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://g2rl.com
Referer: https://fonts.googleapis.com/

Response headers

age: 512918
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 12:32:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 12:32:01 GMT
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39412
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 163ms
88ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=6.6.2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://g2rl.com
Referer: https://fonts.googleapis.com/

Response headers

age: 513367
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 12:24:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 12:24:32 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 187ms
112ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=6.6.2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://g2rl.com
Referer: https://fonts.googleapis.com/

Response headers

age: 588212
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 15:37:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 15:37:07 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 CSR54z1Qlv-GDxkbKVQ_dFsvWNReuQ.woff2
fonts.gstatic.com/s/newscycle/v23/ 13 KB
13 KB 134ms
61ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/newscycle/v23/CSR54z1Qlv-GDxkbKVQ_dFsvWNReuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=News+Cycle:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

b519c652777c636add992fcfc14ff1360572af19ba11151ea78c17d3c44d153b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://g2rl.com
Referer: https://fonts.googleapis.com/

Response headers

age: 399361
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 31 Oct 2025 20:04:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 20:04:38 GMT
last-modified: Tue, 02 May 2023 16:45:33 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13436
x-xss-protection: 0
server: sffe

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/9133996/b5a82cc8-6010-4392-ac20-ebf6805ed74c/ 15 KB
4 KB 169ms
109ms XHR
application/json 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/9133996/b5a82cc8-6010-4392-ac20-ebf6805ed74c/json?hs_static_app=forms-embed&hs_static_app_version=1.6227&X-HubSpot-Static-App-Info=forms-embed-1.6227

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69e3177c40e44eb0a1f234b08552451bcc55302ac19869f7c3643922e36a9e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://g2rl.com/

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: d7d64cec-f668-4c5b-a302-3f3421792f9f
access-control-expose-headers: X-Origin-Hublet
content-encoding: gzip
cf-cache-status: DYNAMIC
x-origin-hublet: na1
access-control-allow-methods: OPTIONS, GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Tue, 05 Nov 2024 11:00:39 GMT
x-hubspot-correlation-id: d7d64cec-f668-4c5b-a302-3f3421792f9f
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-l762x
x-envoy-upstream-service-time: 31
access-control-allow-credentials: false
cf-ray: 8ddc5762d96409fa-MIA
access-control-allow-origin: https://g2rl.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 Mask-Group-15-comp.png
g2rl.com/wp-content/uploads/2021/11/ 1 KB
2 KB 67ms
66ms Image
image/png 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/Mask-Group-15-comp.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/homenew-v2.css?ver=6.6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6fde12a4092ef35e194ac3f5f7f85556c3f52bff2dc2fe8e7e1d8dd3857e2865

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/homenew-v2.css?ver=6.6.2

Response headers

x-proxy-cache-info: 0 NC:000000 UP:
cache-control: private, max-age=10368000, public
expires: Wed, 05 Mar 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 1534
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/png
last-modified: Thu, 13 Jan 2022 09:27:42 GMT
server: nginx
x-httpd-modphp: 1
vary: Accept-Encoding,Accept

GET
H2 200 Polygon-7-comp.png
g2rl.com/wp-content/uploads/2021/11/ 1 KB
2 KB 65ms
64ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/Polygon-7-comp.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/homenew-v2.css?ver=6.6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1c7846f787c14e2f934db8e872d40c6c1bf83b3169ce7ddcb05d21b95d9df6ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/homenew-v2.css?ver=6.6.2

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 1390
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 13 Jan 2022 10:35:29 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 Polygon-8-comp.png
g2rl.com/wp-content/uploads/2021/11/ 1 KB
1 KB 64ms
64ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/Polygon-8-comp.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/homenew-v2.css?ver=6.6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f0255dfa7ba4dc44005924403057d33632af575898f93a02530fd260fd507e48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/homenew-v2.css?ver=6.6.2

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 1094
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 13 Jan 2022 10:35:29 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 check.png
g2rl.com/wp-content/uploads/2021/11/ 402 B
704 B 64ms
63ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/check.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/homenew-v2.css?ver=6.6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 152f651b66442272c8087221dd05cc69d68216a951115f3038e64c80f3939aef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/homenew-v2.css?ver=6.6.2

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 402
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 13 Jan 2022 10:35:29 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
DATA 200
OK truncated
/ 137 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 137 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 Path-22681.png
g2rl.com/wp-content/uploads/2021/11/ 4 KB
4 KB 64ms
63ms Image
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g2rl.com/wp-content/uploads/2021/11/Path-22681.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/homenew-v2.css?ver=6.6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd34162e8a91accabc4a28aa4fd7f5ee7a085d934fdf8f78dcfa38378c20f270

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/wp-content/themes/wp-bootstrap-starter-child/assets/css/homenew-v2.css?ver=6.6.2

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:39 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 3656
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Thu, 13 Jan 2022 10:35:29 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 fa-solid-900.woff2
g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/webfonts/ 78 KB
79 KB 68ms
61ms Font
font/woff2 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/webfonts/fa-solid-900.woff2
Requested by: Host: g2rl.com
URL: https://g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/css/fontawesome.min.css?ver=6.6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://g2rl.com
Referer: https://g2rl.com/wp-content/themes/wp-bootstrap-starter/inc/assets/css/fontawesome.min.css?ver=6.6.2

Response headers

cache-control: max-age=10368000
expires: Mon, 06 Jan 2025 12:12:31 GMT
x-proxy-cache: HIT
accept-ranges: bytes
content-length: 80300
date: Tue, 05 Nov 2024 11:00:39 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-type: font/woff2
last-modified: Thu, 13 Jan 2022 09:26:41 GMT
server: nginx
x-httpd-modphp: 1
vary: Accept-Encoding

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 227ms
93ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2647e02a45178870d60f6549fd7a071c117763b4c6013bfdb13ea1a918c65336

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: br
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options: nosniff
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires: Tue, 05 Nov 2024 11:00:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Tue, 05 Nov 2024 11:00:39 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-gmIVedKlMd0EB1_vP7QYig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H2 200 book-a-call-website
meetings.hubspot.com/traci-parrish/ Frame D6AB 0
0 177ms
97ms Document
text/html 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meetings.hubspot.com/traci-parrish/book-a-call-website?embed=true&parentHubspotUtk=ddd18164f4476e81643b844481811487&parentPageUrl=https://g2rl.com/

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/MeetingsEmbed/ex/MeetingsEmbedCode.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://g2rl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
age: 3450
cache-control: max-age=600
cache-tag: staticjsapp-MeetingsPublicNewDomain-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 8ddc57637c527473-MIA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 05 Nov 2024 11:00:39 GMT
etag: W/"045c760b357df9f094b5823a3daa0b16"
last-modified: Thu, 31 Oct 2024 16:47:15 UTC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vHAyZiILfV7lrGGDbAkt64h7Ewe05Hbgfldnt58M%2BWVwX25tMcLiYVEZiEAmPBDHNN%2BWfuLiy7LJeybOlTY4yKLkKMspmCC%2FL1f21yWbtkzdmogZa5RjM9WemqhuX%2F4B7ZV0V207kL7bcSlZjH9TmIpu"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
x-amz-cf-id: xJ49wRRhxpEVd-KLofLMLsL4WW9_Dy50iiLvcJTCEsh1p9AiYE3UTg==
x-amz-cf-pop: IAD12-P3
x-amz-meta-ao: {"allowIFrame":"always","scriptSrc":["fixme:data","fixme:batbing","facebook","impact","hotjar","linkedin","fixme:yahoo-jp","recaptcha","podsights","convertexperiments","googlesyndication","doubleclick"]}
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: M5VHOROdIeDEG2m3by5kxso4ER4d5v6n
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-ts86q
x-evy-trace-virtual-host: all
x-hs-target-asset: MeetingsPublic/static-1.48002/html/public-na1.html
x-hubspot-correlation-id: 18bd04c8-a7e1-4341-b5b1-4a9fd05cc1ce
x-request-id: 18bd04c8-a7e1-4341-b5b1-4a9fd05cc1ce

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/9133996/b8d96051-af23-47c8-ae70-69e98d0f919f/ 12 KB
4 KB 114ms
108ms XHR
application/json 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/9133996/b8d96051-af23-47c8-ae70-69e98d0f919f/json?hs_static_app=forms-embed&hs_static_app_version=1.6227&X-HubSpot-Static-App-Info=forms-embed-1.6227

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0052394b6dacfa2d8311f779720398f31332696007c72020de90e26bcc0872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://g2rl.com/

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: e6c4561d-5399-4eb2-b310-aa8701ac4b27
access-control-expose-headers: X-Origin-Hublet
content-encoding: gzip
cf-cache-status: DYNAMIC
x-origin-hublet: na1
access-control-allow-methods: OPTIONS, GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Tue, 05 Nov 2024 11:00:39 GMT
x-hubspot-correlation-id: e6c4561d-5399-4eb2-b310-aa8701ac4b27
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-mx5kh
x-envoy-upstream-service-time: 34
access-control-allow-credentials: false
cf-ray: 8ddc5763497a09fa-MIA
access-control-allow-origin: https://g2rl.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/9133996/eeaa8401-d12b-4f11-8b3c-c6f61cb80f45/ 17 KB
5 KB 107ms
106ms XHR
application/json 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/9133996/eeaa8401-d12b-4f11-8b3c-c6f61cb80f45/json?hs_static_app=forms-embed&hs_static_app_version=1.6227&X-HubSpot-Static-App-Info=forms-embed-1.6227

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6537d424d08624ed34767dccb1784a69b1c675b6d0ed92516a70730fc9398a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://g2rl.com/

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: 44fe0166-4aff-4bef-8b94-083a2e18a056
access-control-expose-headers: X-Origin-Hublet
content-encoding: gzip
cf-cache-status: DYNAMIC
x-origin-hublet: na1
access-control-allow-methods: OPTIONS, GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Tue, 05 Nov 2024 11:00:39 GMT
x-hubspot-correlation-id: 44fe0166-4aff-4bef-8b94-083a2e18a056
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-xs2k4
x-envoy-upstream-service-time: 34
access-control-allow-credentials: false
cf-ray: 8ddc5763497b09fa-MIA
access-control-allow-origin: https://g2rl.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 404 json Show response
forms.hsforms.com/embed/v3/form/9133996/9d856245-8b49-416b-a591-9087524e78d0/ 104 B
1017 B 89ms
89ms XHR
application/json 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/9133996/9d856245-8b49-416b-a591-9087524e78d0/json?hs_static_app=forms-embed&hs_static_app_version=1.6227&X-HubSpot-Static-App-Info=forms-embed-1.6227

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1131d6d98484c0e74b8852c8f4ba50926fa27f6c85fb6d326da22091a8a1f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://g2rl.com/

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: b05b0238-da3f-42ab-9570-c50c9c4315c4
access-control-expose-headers: X-Origin-Hublet
content-encoding: br
cf-cache-status: DYNAMIC
x-origin-hublet: na1
access-control-allow-methods: OPTIONS, GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Tue, 05 Nov 2024 11:00:39 GMT
x-hubspot-correlation-id: b05b0238-da3f-42ab-9570-c50c9c4315c4
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-hubspot-notfound: true
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-jkdpv
x-envoy-upstream-service-time: 15
access-control-allow-credentials: false
cf-ray: 8ddc5763597f09fa-MIA
access-control-allow-origin: https://g2rl.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/9133996/410b307b-1e1e-431a-a06c-71048a185512/ 17 KB
5 KB 99ms
99ms XHR
application/json 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/9133996/410b307b-1e1e-431a-a06c-71048a185512/json?hs_static_app=forms-embed&hs_static_app_version=1.6227&X-HubSpot-Static-App-Info=forms-embed-1.6227

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b0949914706f619a8350a243f3cd46c6053ecb64530f465e7b558b27c42518a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://g2rl.com/

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: 59071dbc-8fed-4b14-96ce-f5ec947db477
access-control-expose-headers: X-Origin-Hublet
content-encoding: gzip
cf-cache-status: DYNAMIC
x-origin-hublet: na1
access-control-allow-methods: OPTIONS, GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Tue, 05 Nov 2024 11:00:39 GMT
x-hubspot-correlation-id: 59071dbc-8fed-4b14-96ce-f5ec947db477
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-tzm7x
x-envoy-upstream-service-time: 24
access-control-allow-credentials: false
cf-ray: 8ddc5763598309fa-MIA
access-control-allow-origin: https://g2rl.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 v2.js Show response
js.hsforms.net/forms/ Frame 3F3D 484 KB
0 108ms
44ms Script
application/javascript 104.18.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: e37b3e44-f867-4ff6-a3fd-1bcd7a4081d1
content-encoding: gzip
cf-cache-status: HIT
etag: W/"53fa063fb1734ce6bb187c96e7665972"
x-amz-version-id: kLVNDW8Ykh6K0rP5.B3EI30fJIwAAkz3
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guptm05ZR5btf6g7xJMwHzdZ%2FyMieAmGL0mY2lDJ6dAnwsiR%2B9NoxrVUhhg6swYeLpJjDf8mYO8a8K4nhPOEzOoP%2F1kwtYJ32DFzoCDH5tCfMLVwV%2F1q6cRacpHACoWk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: HVHlI3-Ic_vzp9afJA_bLlYq2V-bmVrobOfBuk78VUzW-vCWb5ffAA==
x-hubspot-correlation-id: e37b3e44-f867-4ff6-a3fd-1bcd7a4081d1
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Sep 2024 16:16:42 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7df4f6b649-krlhh
x-envoy-upstream-service-time: 1
x-hs-target-asset: forms-embed/static-1.6227/bundles/project-v2.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.6227/bundles/project-v2.js&cfRay=8d68348c0b450612-IAD
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-ray: 8ddc57608bfa74a2-MIA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 cta-json Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 4 KB
3 KB 201ms
115ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fg2rl.com%2F&pid=9133996&sv=cta-embed-js-static-1.323&rdy=1&df=t&pg=7d2e79ef-6120-4800-827c-907a66abe7d7

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9ac7844768279a91ae7b2d737ef0455e6d69c67c917defd7bfee81858d43f6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-robots-tag: noindex, follow
access-control-max-age: 180
x-request-id: c6b73bcf-ad49-45b8-97e5-6e0e8fcd9ba0
access-control-expose-headers: X-Origin-Hublet
content-encoding: gzip
cf-cache-status: DYNAMIC
x-origin-hublet: na1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PDmB8rzbghyNbcWd%2BEStxjRvAHGoeTLMXnB3J5vVJW08iyL0svswCLVHWWF27BrGJ5f4kiYDldOfqgnxdD5FainYV4KwLuOMpShqOtbpuFdjhUPLhsVDKEugNAXi8mxPJVsa962BRJ%2B5YiKSMZ6YqmDm5XEosLg78UA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, GET
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
date: Tue, 05 Nov 2024 11:00:39 GMT
x-hubspot-correlation-id: c6b73bcf-ad49-45b8-97e5-6e0e8fcd9ba0
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-9dtp5
x-envoy-upstream-service-time: 34
access-control-allow-credentials: true
cf-ray: 8ddc57645fb7a4e0-MIA
access-control-allow-origin: https://g2rl.com
x-evy-trace-route-configuration: listener_https/all
content-length: 1366
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
883 B 129ms
74ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-robots-tag: none
x-request-id: 0f2eaeda-cc30-4f57-acfc-eb22539965fe
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Tue, 05 Nov 2024 11:00:39 GMT
x-hubspot-correlation-id: 0f2eaeda-cc30-4f57-acfc-eb22539965fe
content-type: image/gif
vary: origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-jkdpv
x-envoy-upstream-service-time: 4
access-control-allow-credentials: false
cf-ray: 8ddc57645f917481-MIA
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 v2.js Show response
js.hsforms.net/forms/ Frame E77D 484 KB
0 108ms
44ms Script
application/javascript 104.18.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: e37b3e44-f867-4ff6-a3fd-1bcd7a4081d1
content-encoding: gzip
cf-cache-status: HIT
etag: W/"53fa063fb1734ce6bb187c96e7665972"
x-amz-version-id: kLVNDW8Ykh6K0rP5.B3EI30fJIwAAkz3
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guptm05ZR5btf6g7xJMwHzdZ%2FyMieAmGL0mY2lDJ6dAnwsiR%2B9NoxrVUhhg6swYeLpJjDf8mYO8a8K4nhPOEzOoP%2F1kwtYJ32DFzoCDH5tCfMLVwV%2F1q6cRacpHACoWk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: HVHlI3-Ic_vzp9afJA_bLlYq2V-bmVrobOfBuk78VUzW-vCWb5ffAA==
x-hubspot-correlation-id: e37b3e44-f867-4ff6-a3fd-1bcd7a4081d1
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Sep 2024 16:16:42 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7df4f6b649-krlhh
x-envoy-upstream-service-time: 1
x-hs-target-asset: forms-embed/static-1.6227/bundles/project-v2.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.6227/bundles/project-v2.js&cfRay=8d68348c0b450612-IAD
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-ray: 8ddc57608bfa74a2-MIA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H3 200 v2.js Show response
js.hsforms.net/forms/ Frame 794A 484 KB
0 108ms
44ms Script
application/javascript 104.18.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: e37b3e44-f867-4ff6-a3fd-1bcd7a4081d1
content-encoding: gzip
cf-cache-status: HIT
etag: W/"53fa063fb1734ce6bb187c96e7665972"
x-amz-version-id: kLVNDW8Ykh6K0rP5.B3EI30fJIwAAkz3
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guptm05ZR5btf6g7xJMwHzdZ%2FyMieAmGL0mY2lDJ6dAnwsiR%2B9NoxrVUhhg6swYeLpJjDf8mYO8a8K4nhPOEzOoP%2F1kwtYJ32DFzoCDH5tCfMLVwV%2F1q6cRacpHACoWk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: HVHlI3-Ic_vzp9afJA_bLlYq2V-bmVrobOfBuk78VUzW-vCWb5ffAA==
x-hubspot-correlation-id: e37b3e44-f867-4ff6-a3fd-1bcd7a4081d1
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Sep 2024 16:16:42 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7df4f6b649-krlhh
x-envoy-upstream-service-time: 1
x-hs-target-asset: forms-embed/static-1.6227/bundles/project-v2.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.6227/bundles/project-v2.js&cfRay=8d68348c0b450612-IAD
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-ray: 8ddc57608bfa74a2-MIA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 css2
fonts.googleapis.com/ Frame 3F3D 7 KB
837 B 87ms
86ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8d9e6e3ef6c6150c59d707d4a7f2d3b64ce148d93bf22c88de86671471c8132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 11:00:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 11:00:39 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 05 Nov 2024 10:08:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 v2.js Show response
js.hsforms.net/forms/ Frame C668 484 KB
0 108ms
44ms Script
application/javascript 104.18.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: e37b3e44-f867-4ff6-a3fd-1bcd7a4081d1
content-encoding: gzip
cf-cache-status: HIT
etag: W/"53fa063fb1734ce6bb187c96e7665972"
x-amz-version-id: kLVNDW8Ykh6K0rP5.B3EI30fJIwAAkz3
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guptm05ZR5btf6g7xJMwHzdZ%2FyMieAmGL0mY2lDJ6dAnwsiR%2B9NoxrVUhhg6swYeLpJjDf8mYO8a8K4nhPOEzOoP%2F1kwtYJ32DFzoCDH5tCfMLVwV%2F1q6cRacpHACoWk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: HVHlI3-Ic_vzp9afJA_bLlYq2V-bmVrobOfBuk78VUzW-vCWb5ffAA==
x-hubspot-correlation-id: e37b3e44-f867-4ff6-a3fd-1bcd7a4081d1
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Sep 2024 16:16:42 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7df4f6b649-krlhh
x-envoy-upstream-service-time: 1
x-hs-target-asset: forms-embed/static-1.6227/bundles/project-v2.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: HIT
date: Tue, 05 Nov 2024 11:00:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.6227/bundles/project-v2.js&cfRay=8d68348c0b450612-IAD
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-ray: 8ddc57608bfa74a2-MIA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 3F3D 18 KB
0 163ms
88ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=6.6.2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://g2rl.com
Referer: https://fonts.googleapis.com/

Response headers

age: 513367
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 12:24:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 12:24:32 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 3F3D 18 KB
0 187ms
112ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=6.6.2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://g2rl.com
Referer: https://fonts.googleapis.com/

Response headers

age: 588212
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 15:37:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 15:37:07 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 3F3D 18 KB
18 KB 64ms
64ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://g2rl.com
Referer: https://fonts.googleapis.com/

Response headers

age: 499524
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 16:15:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 16:15:15 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
538 B 79ms
78ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-robots-tag: none
x-request-id: 6b887b78-58a0-4727-bcda-ce87f5f3362a
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Tue, 05 Nov 2024 11:00:39 GMT
x-hubspot-correlation-id: 6b887b78-58a0-4727-bcda-ce87f5f3362a
content-type: image/gif
vary: origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-87mxq
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8ddc576538357481-MIA
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 153121880200804 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 199ms
198ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/153121880200804?v=2.9.176&r=stable&domain=g2rl.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

a1275d08b2a26c249f9a1b3e35bd08e69af5e4ddf1281b4ee0f933269d6e409f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-CZIHlgPk' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-CZIHlgPk' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=61, rtx=0, c=76, mss=1232, tbw=70248, tp=65, tpl=0, uplat=136, ullat=0
pragma: public
x-fb-debug: aFpc7W8txGfCBDFzB8ubKreDXNTZgn4nNSN/JzFori30UDoTjOPWO9OwaOpLKZuob0yZh6GQ0PXSPD6zxtLRVQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
538 B 76ms
75ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-robots-tag: none
x-request-id: e45deec5-4602-407e-ad21-805b29a9faf8
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Tue, 05 Nov 2024 11:00:39 GMT
x-hubspot-correlation-id: e45deec5-4602-407e-ad21-805b29a9faf8
content-type: image/gif
vary: origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-mx5kh
x-envoy-upstream-service-time: 3
access-control-allow-credentials: false
cf-ray: 8ddc5765686e7481-MIA
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 css2
fonts.googleapis.com/ Frame E77D 7 KB
0 87ms
86ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8d9e6e3ef6c6150c59d707d4a7f2d3b64ce148d93bf22c88de86671471c8132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 11:00:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 11:00:39 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 05 Nov 2024 10:08:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 210ms
85ms Script
text/javascript 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_294bf940_2c04_42d2_8e76_d77bca92e664&render=explicit&hl=en

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

ESF /

Resource Hash

bd7bae1d36ffa1e910542f233582022bf7bfa9c9c313cc033e6f7fc322da57e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 11:00:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Tue, 05 Nov 2024 11:00:40 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 Logo%202-2.png
9133996.fs1.hubspotusercontent-na1.net/hubfs/9133996/ Frame E77D 4 KB
6 KB 238ms
143ms Image
image/webp 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9133996.fs1.hubspotusercontent-na1.net/hubfs/9133996/Logo%202-2.png
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b50931930070aaa08b1fe3452eefd96d627a359bdb1d845854116acbd20924f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "13903cb379189371aa093f2d2c2ac965"
age: 221843
cache-tag: F-175199053621,P-9133996,FLS-ALL
x-amz-version-id: NdmImR8xKmJ1A5aVWKLaFOyDxl2Mvgh9
x-cache: RefreshHit from cloudfront
x-amz-cf-id: rHCU11xxTN7C2unudb9lohovhTnWyPjP62VVEAIdv8dJ3S4uI5HKCQ==
content-type: image/webp
content-disposition: inline; filename="Logo%202-2.webp"
last-modified: Thu, 08 Aug 2024 13:42:49 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-175199053621,P-9133996,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 8BNQGB5Y05YHZ1PB
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-175199053621,P-9133996,FLS-ALL
content-length: 4526
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: origFmt=png, origSize=6543
date: Tue, 05 Nov 2024 11:00:40 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: KqXo+Wiq3hCvgq0r0yZR6zqyv88W4gGJ9uXNyRoBo3wqKiXVeNTZSFi+mYsmtIM2psSz+HxDKF8=
x-amz-meta-access-tag: public-indexable
timing-allow-origin: 9133996.fs1.hubspotusercontent-na1.net
via: 1.1 038457f797aa314915a62d82c1c45e26.cloudfront.net (CloudFront)
cf-ray: 8ddc57664f9ca564-MIA
access-control-allow-origin: *
x-amz-cf-pop: MIA3-P2
x-amz-meta-created-unix-time-millis: 1723124568494

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4e23410d/www-widgetapi.vflset/ 30 KB
10 KB 64ms
62ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4e23410d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c5d5def42611faa30644c529baa623052160b9634f1bb0b97a8185ec32f39f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: br
age: 21076
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 05:09:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 05:09:23 GMT
last-modified: Wed, 30 Oct 2024 04:17:07 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10143
x-xss-protection: 0
server: sffe

GET
H2 200 css2
fonts.googleapis.com/ Frame 794A 7 KB
0 87ms
86ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8d9e6e3ef6c6150c59d707d4a7f2d3b64ce148d93bf22c88de86671471c8132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 11:00:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 11:00:39 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 05 Nov 2024 10:08:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 Logo%202-2.png
9133996.fs1.hubspotusercontent-na1.net/hubfs/9133996/ Frame 794A 4 KB
0 234ms
234ms Image
image/webp 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9133996.fs1.hubspotusercontent-na1.net/hubfs/9133996/Logo%202-2.png
Requested by: Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b50931930070aaa08b1fe3452eefd96d627a359bdb1d845854116acbd20924f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "13903cb379189371aa093f2d2c2ac965"
age: 221843
cache-tag: F-175199053621,P-9133996,FLS-ALL
x-amz-version-id: NdmImR8xKmJ1A5aVWKLaFOyDxl2Mvgh9
x-cache: RefreshHit from cloudfront
x-amz-cf-id: rHCU11xxTN7C2unudb9lohovhTnWyPjP62VVEAIdv8dJ3S4uI5HKCQ==
content-type: image/webp
content-disposition: inline; filename="Logo%202-2.webp"
last-modified: Thu, 08 Aug 2024 13:42:49 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-175199053621,P-9133996,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 8BNQGB5Y05YHZ1PB
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-175199053621,P-9133996,FLS-ALL
content-length: 4526
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: origFmt=png, origSize=6543
date: Tue, 05 Nov 2024 11:00:40 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: KqXo+Wiq3hCvgq0r0yZR6zqyv88W4gGJ9uXNyRoBo3wqKiXVeNTZSFi+mYsmtIM2psSz+HxDKF8=
x-amz-meta-access-tag: public-indexable
timing-allow-origin: 9133996.fs1.hubspotusercontent-na1.net
via: 1.1 038457f797aa314915a62d82c1c45e26.cloudfront.net (CloudFront)
cf-ray: 8ddc57664f9ca564-MIA
access-control-allow-origin: *
x-amz-cf-pop: MIA3-P2
x-amz-meta-created-unix-time-millis: 1723124568494

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 192ms
83ms Script
text/javascript 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_a339d5bf_d084_4651_aa45_94759c115bf4&render=explicit&hl=en

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

ESF /

Resource Hash

1e1a851e6a890ac83efcfa06697c5ad41d0626b1963034e4e10c3b5f4671e086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 11:00:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Tue, 05 Nov 2024 11:00:40 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
578 B 96ms
84ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-robots-tag: none
x-request-id: 83c107c2-ac7b-4e21-93f2-dddc1b091314
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Tue, 05 Nov 2024 11:00:40 GMT
x-hubspot-correlation-id: 83c107c2-ac7b-4e21-93f2-dddc1b091314
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Tue, 05 Nov 2024 11:00:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-n7sww
x-envoy-upstream-service-time: 4
access-control-allow-credentials: false
cf-ray: 8ddc5765f8f37481-MIA
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ Frame E77D 18 KB
0 163ms
88ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=6.6.2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

age: 513367
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 12:24:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 12:24:32 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame E77D 18 KB
0 64ms
64ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

age: 499524
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 16:15:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 16:15:15 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame E77D 18 KB
0 187ms
112ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=6.6.2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

age: 588212
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 15:37:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 15:37:07 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 794A 18 KB
0 163ms
88ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=6.6.2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

age: 513367
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 12:24:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 12:24:32 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 794A 18 KB
0 64ms
64ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

age: 499524
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 16:15:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 16:15:15 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 794A 18 KB
0 187ms
112ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=6.6.2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

age: 588212
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 15:37:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 15:37:07 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H2 200 css2
fonts.googleapis.com/ Frame C668 7 KB
0 87ms
86ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8d9e6e3ef6c6150c59d707d4a7f2d3b64ce148d93bf22c88de86671471c8132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 11:00:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 11:00:39 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 05 Nov 2024 10:08:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 Logo%202-2.png
9133996.fs1.hubspotusercontent-na1.net/hubfs/9133996/ Frame C668 4 KB
0 190ms
190ms Image
image/webp 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9133996.fs1.hubspotusercontent-na1.net/hubfs/9133996/Logo%202-2.png
Requested by: Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b50931930070aaa08b1fe3452eefd96d627a359bdb1d845854116acbd20924f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "13903cb379189371aa093f2d2c2ac965"
age: 221843
cache-tag: F-175199053621,P-9133996,FLS-ALL
x-amz-version-id: NdmImR8xKmJ1A5aVWKLaFOyDxl2Mvgh9
x-cache: RefreshHit from cloudfront
x-amz-cf-id: rHCU11xxTN7C2unudb9lohovhTnWyPjP62VVEAIdv8dJ3S4uI5HKCQ==
content-type: image/webp
content-disposition: inline; filename="Logo%202-2.webp"
last-modified: Thu, 08 Aug 2024 13:42:49 GMT
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-175199053621,P-9133996,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id: 8BNQGB5Y05YHZ1PB
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-175199053621,P-9133996,FLS-ALL
content-length: 4526
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: origFmt=png, origSize=6543
date: Tue, 05 Nov 2024 11:00:40 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: KqXo+Wiq3hCvgq0r0yZR6zqyv88W4gGJ9uXNyRoBo3wqKiXVeNTZSFi+mYsmtIM2psSz+HxDKF8=
x-amz-meta-access-tag: public-indexable
timing-allow-origin: 9133996.fs1.hubspotusercontent-na1.net
via: 1.1 038457f797aa314915a62d82c1c45e26.cloudfront.net (CloudFront)
cf-ray: 8ddc57664f9ca564-MIA
access-control-allow-origin: *
x-amz-cf-pop: MIA3-P2
x-amz-meta-created-unix-time-millis: 1723124568494

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 147ms
86ms Script
text/javascript 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_14f31624_3c32_47c6_b90b_fdb3b375d9d8&render=explicit&hl=en

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

ESF /

Resource Hash

897281e82dc9f3929360fc185b9e5c2bdb71d285d712ba976389dd789ac54d65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 11:00:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Tue, 05 Nov 2024 11:00:40 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
538 B 78ms
77ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-robots-tag: none
x-request-id: 46a1e703-70db-40ff-8017-b71b6226ba23
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Tue, 05 Nov 2024 11:00:40 GMT
x-hubspot-correlation-id: 46a1e703-70db-40ff-8017-b71b6226ba23
content-type: image/gif
vary: origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-tzm7x
x-envoy-upstream-service-time: 3
access-control-allow-credentials: false
cf-ray: 8ddc576619187481-MIA
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ Frame C668 18 KB
0 163ms
88ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=6.6.2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

age: 513367
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 12:24:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 12:24:32 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame C668 18 KB
0 64ms
64ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

age: 499524
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 16:15:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 16:15:15 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame C668 18 KB
0 187ms
112ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=6.6.2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

age: 588212
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 15:37:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 15:37:07 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

POST
H3 200 collect
www.google.com/ccm/ 0
0 80ms
79ms Ping
text/plain 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fg2rl.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1444596538.1730804440&auid=843850369.1730804440&npa=0&gtm=45He4au0v839142139za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&tft=1730804440070&tfd=4006&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLDR9FS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s36-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 383 KB
126 KB 103ms
102ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3JXNJE1203&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLDR9FS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f058740028c818b25481b7f4b300628c19a6ad7e68eb7c7b8bde51911c1ce24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 05 Nov 2024 11:00:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 128479
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 185ms
56ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLDR9FS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 34E2203051D24C4FA374DC8DF973747A Ref B: MIA301000103047 Ref C: 2024-11-05T11:00:40Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Tue, 05 Nov 2024 11:00:39 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 hotjar-2290490.js Show response
static.hotjar.com/c/ 13 KB
5 KB 301ms
145ms Script
application/javascript 108.138.106.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2290490.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLDR9FS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-49.jfk50.r.cloudfront.net

Software

Resource Hash

8faa582b2586dd180453b52e2cdd6db8561963461b84af8602e4918c8a490157

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/fbf350342b72a5450b11a3a84a155eb4
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 6741f9acf28bc52b25f06e9986a71e26.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: Jy3fD3ztHdjaNvrvNYOt4OgDzORc7d7v4pbSUghnL4p0JNRLjzmrMA==
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: JFK50-P3

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 224ms
66ms Script
application/javascript 2600:141b:1c00:6::17df:d10d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLDR9FS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d10d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: max-age=81953
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Tue, 05 Nov 2024 11:00:40 GMT
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
52 KB 121ms
120ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MMHSVSV

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a4dd74d67bdd108deb8868c75271a8007dbb11e1183fe1fc108a2a22521f1693

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 05 Nov 2024 11:00:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 05 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 52683
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/404048883/6007bc3188d9fef71502/12/ 32 B
576 B 79ms
78ms Script
text/javascript 13.33.252.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.callrail.com/companies/404048883/6007bc3188d9fef71502/12/swap.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLDR9FS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.252.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-252-124.jfk50.r.cloudfront.net

Software

Resource Hash

d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-request-id: 093d3318-7602-4e90-a6ad-aec81bef5e57
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: kJ4D76nlqA6Abb0BvOkEB3xIJUM0L-LtzNeErz697k6V970tiwkqIQ==
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.004949
x-frame-options: SAMEORIGIN
cache-control: max-age=3600, public
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 a5aff17032e65d74ef5c955d5493c06e.cloudfront.net (CloudFront)
content-length: 32
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P10

GET
H2 200 ij68ctrs8m Show response
www.clarity.ms/tag/ 689 B
1 KB 273ms
59ms Script
application/x-javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ij68ctrs8m
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4970e8b88bd8e9e193b45e218fd917da627d6f7454c7252612b6716f5a1376cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 689
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: application/x-javascript
x-azure-ref: 20241105T110040Z-16b74445767762cchC1BN1mk3800000005m0000000003hcn

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 88 KB
28 KB 232ms
72ms Script
text/javascript 2600:9000:23cb:5c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLDR9FS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:5c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: XRapE5DFdXRGc5myIfsDq4zGHQVtai2E
Etag: W/"792eca3181a87960d692c005437f63e0"
Age: 2893
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: QsicWHRZA2S-oMaNMEZhgxtuKwkuRmlqR-ThLxRVgRqYEW9Ditc5Pg==
Date: Tue, 05 Nov 2024 10:12:28 GMT
Content-Type: text/javascript
Vary: accept-encoding
Last-Modified: Tue, 15 Oct 2024 15:51:52 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame A0BD 0
0 191ms
63ms Document
text/html 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fg2rl.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLDR9FS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 51100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Nov 2024 20:49:00 GMT
expires: Tue, 04 Nov 2025 20:49:00 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ct Show response
obseu.bzcclandlord.com/ 0
144 B 170ms
165ms Script
text/javascript 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.bzcclandlord.com/ct?id=51772&url=https%3A%2F%2Fg2rl.com%2F&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1730804440157&hl=2&op=0&ag=4155436659&rand=0485086192021512106816011712802794182532051120067800195508165466868192625612029018616&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDk4MDJdLFsiYWJuY2giLDFdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIl19Il0sWy02LCItIl0sWy0zNSwiWzE3MzA4MDQ0NDAwOTQsMTBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTQ3LCItIl0sWy00OCwiMCwwIl0sWy0xMywiLSJdLFstMTUsIi0iXSxbLTE3LCIxNiJdLFstMjAsIi0iXSxbLTI3LCJbMTUwLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsNSx0cnVlLHRydWUsbnVsbCwwLHRydWUsdHJ1ZV0iXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMTAiXSxbLTY0LCJbMCxcIlwiLFtdXSJdLFstOSwiKyJdLFstMjgsImVuLVVTLGVuIl0sWy00MCwiMzMiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUW9KQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZEtYQmtSVVUxTlNVb0RGaFpXVzBwY1RCZGJRMXBhVlZoWFhWVldTMTBYV2xaVUZsQVdXbDhNRFFwY1h3cGZDMTFhQ1FvT1d3OWNYd0FPWEZvQVdsOE9DZzRCQ2xnWFUwb0RDQU1QQVFzTER4QVZXRTBaU3hrUlVVMU5TVW9ERmhaV1cwcGNUQmRiUTFwYVZWaFhYVlZXUzEwWFdsWlVGbEFXV2w4TURRcGNYd3BmQzExYUNRb09XdzljWHdBT1hGb0FXbDhPQ2c0QkNsZ1hVMG9EQ0E9PSJdLFstNTksImRlZmF1bHQiXSxbLTYxLCJ7XCJ3Z3NsXCI6XCI0O3BhY2tlZF80eDhfaW50ZWdlcl9kb3RfcHJvZHVjdDt1bnJlc3RyaWN0ZWRfcG9pbnRlcl9wYXJhbWV0ZXJzO3BvaW50ZXJfY29tcG9zaXRlX2FjY2VzcztyZWFkb25seV9hbmRfcmVhZHdyaXRlX3N0b3JhZ2VfdGV4dHVyZXM7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTY2LCJnZW9sb2NhdGlvbixjaHVhZnVsbHZlcnNpb25saXN0LGNyb3Nzb3JpZ2luaXNvbGF0ZWQsc2NyZWVud2FrZWxvY2sscHVibGlja2V5Y3JlZGVudGlhbHNnZXQsc2hhcmVkc3RvcmFnZXNlbGVjdHVybCxjaHVhYXJjaCxjb21wdXRlcHJlc3N1cmUsY2hwcmVmZXJzcmVkdWNlZHRyYW5zcGFyZW5jeSx1c2IsY2hzYXZlZGF0YSxwdWJsaWNrZXljcmVkZW50aWFsc2NyZWF0ZSxzaGFyZWRzdG9yYWdlLHJ1bmFkYXVjdGlvbixjaHVhZm9ybWZhY3RvcnMsY2hkb3dubGluayxvdHBjcmVkZW50aWFscyxwYXltZW50LGNodWEsY2h1YW1vZGVsLGNoZWN0LGF1dG9wbGF5LGNhbWVyYSxwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGFjY2VsZXJvbWV0ZXIsY2h1YXBsYXRmb3JtdmVyc2lvbixpZGxlZGV0ZWN0aW9uLHByaXZhdGVhZ2dyZWdhdGlvbixpbnRlcmVzdGNvaG9ydCxjaHZpZXdwb3J0aGVpZ2h0LGxvY2FsZm9udHMsY2h1YXBsYXRmb3JtLG1pZGksY2h1YWZ1bGx2ZXJzaW9uLHhyc3BhdGlhbHRyYWNraW5nLGNsaXBib2FyZHJlYWQsZ2FtZXBhZCxkaXNwbGF5Y2FwdHVyZSxrZXlib2FyZG1hcCxqb2luYWRpbnRlcmVzdGdyb3VwLGNod2lkdGgsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixicm93c2luZ3RvcGljcyxlbmNyeXB0ZWRtZWRpYSxneXJvc2NvcGUsc2VyaWFsLGNocnR0LGNodWFtb2JpbGUsd2luZG93bWFuYWdlbWVudCx1bmxvYWQsY2hkcHIsY2hwcmVmZXJzY29sb3JzY2hlbWUsY2h1YXdvdzY0LGF0dHJpYnV0aW9ucmVwb3J0aW5nLGZ1bGxzY3JlZW4saWRlbnRpdHljcmVkZW50aWFsc2dldCxwcml2YXRlc3RhdGV0b2tlbnJlZGVtcHRpb24saGlkLGNodWFiaXRuZXNzLHN0b3JhZ2VhY2Nlc3Msc3luY3hocixjaGRldmljZW1lbW9yeSxjaHZpZXdwb3J0d2lkdGgscGljdHVyZWlucGljdHVyZSxtYWduZXRvbWV0ZXIsY2xpcGJvYXJkd3JpdGUsbWljcm9waG9uZSJdLFstNjcsIi0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTUwLCItIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTY5LCItIl0sWy03MCwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTI1LCItIl0sWy00NCwiMCwwLDAsNSJdLFstNTIsIi0iXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjMyOTk5MTM2OVwiXSxcImRcIjpbXSxcImJcIjpbXCI0MDczNjk4ODY4XCIsXCIzMDY4OTcxMTg2XCIsXCIzOTIwMTcwODI5XCIsXCIzNDY1MjgxNTA2XCIsXCI2MDk4NzIyMVwiLFwiMTg0NTc1OTM0MVwiLFwiMjc3NTg5NTIwOVwiLFwiMTIxMjUwMTE3MFwiXSxcInNcIjoxfSJdLFstNjAsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MjYxOTM1MzcsXCJ1amhzXCI6MjAxOTY4NTcsXCJqaHNsXCI6NDI5NDcwNTE1Mn0iXSxbLTI5LCItIl0sWy00NSwiLSJdLFstMSwiLSJdLFstMTQsIi0iXSxbLTE2LCIwIl0sWy0xOSwiWzE0MCwxNDAsMTQwLDE0MCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTI4NSwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yMywiKyJdLFstMzIsIi0iXSxbLTQ5LCItIl0sWy01MSwiLSJdLFstMTAsIi0iXSxbLTM4LCJpLC0xLC0xLDE2ODQsMCwwLDAsMCwwLDEyNjIsLTEsMCwzMzY2LDMzNjYsNDA5MCw0MDkwIl0sWy00NiwiMCJdLFstNjIsIjgwIl0sWy0yLCItIl0sWy03LCItIl0sWy0xMiwibnVsbCJdLFstMTgsIlswLDAsMCwxXSJdLFstMjEsIi0iXSxbLTI0LCJbXSJdLFstMzEsImZhbHNlIl0sWy01MywiMTAwIl0sWy02MywiMCJdLFstNjUsIi0iXSxbLTcxLCJhMDExMDAxMDEwMDEwMDEwMTAwMDEwMTAwMTExMTEwMTAwMDAxMCJdLFsiYm5jaCIsMTAzXSxbLTgsIi0iXSxbLTU1LCIxIl0sWy01OCwiLSJdLFstNjgsIi0iXSxbImRkYiIsIjAsMCwwLDAsMSwwLDAsMCwwLDEsMCwwLDAsMCwxLDAsMCwwLDEsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDIsMCwwLDAsMCwxLDEsMywwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDIsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDUsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDEsMCwwLDAsMCwwLDQsMCwwIl1d&dep=0&pre=0&sdd=%7B%7D&cri=dzVIZxqJQA&pto=4094&ver=62&gac=-&mei=&ap=&fe=1&duid=1.1730804440.4peO68XHSxAkpDlO&suid=1.1730804440.VmKpTBpg4X274H4d&tuid=1.1730804440.qOYKvQVvDBblkzGS&fbc=-&gtm=W10%3D&it=94%2C2976%2C895&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=Ojk2Oi0%2BOTY6LSY5NjstJj8%2BNjstJj88NjstJj8yNjstJj46NjstaGA2Oi1uc2hKeHJlaDY6LW5zaEZkZTY6LWVkbXk2Og%3D%3D
Requested by: Host: obseu.bzcclandlord.com
URL: https://obseu.bzcclandlord.com/i/cf543ef3f2dc037b6ef97ec9cf73783a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: https://g2rl.com
content-length: 0
date: Tue, 05 Nov 2024 11:00:40 GMT
pragma: no-cache
content-type: text/javascript

GET
H2 200 lftracker_v1_kn9Eq4RKoelaRlvP.js Show response
sc.lfeeder.com/ 31 KB
12 KB 567ms
381ms Script
application/javascript 2600:9000:2141:4000:4:d7e1:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_kn9Eq4RKoelaRlvP.js
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2141:4000:4:d7e1:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc2a86777e91021d540a99efc69650a1e8864f048ab071961723900ec9029118

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=3600
content-encoding: br
x-amz-version-id: k0ewzrdCTb.AcmIutvcpB6A.pGq7OVRs
etag: W/"fdd26364320cdc3c2e31fa9c414b71af"
cross-origin-resource-policy: cross-origin
via: 1.1 2ae108ea5404064fac59010eedcd1806.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: mfousy0bwbPHZvnSi3XakBuIzJ8gGZj9-4qdsJEQ4j1WBBtkfdZXdw==
date: Tue, 05 Nov 2024 11:00:41 GMT
content-type: application/javascript
last-modified: Wed, 09 Oct 2024 07:29:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P10
x-amz-server-side-encryption: AES256

GET
H3 200 312722893866329 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 137ms
136ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/312722893866329?v=2.9.176&r=stable&domain=g2rl.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

8d65771deefca4247d44c517165cf3a98aa1fd68f7ee8da1d6a9b116cb31f244

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-G5N9CQZK' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-G5N9CQZK' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=90, mss=1232, tbw=86600, tp=83, tpl=0, uplat=75, ullat=0
pragma: public
x-fb-debug: tnsv5xPdoMnixlFxAFI9OhFRZmEnZtjFf6gv65aSI4qHmmYHX6/I0Ocnq8vq25YCjnGng3PaSXTqErvtE+zMTw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 215ms
64ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=153121880200804&ev=PageView&dl=https%3A%2F%2Fg2rl.com%2F&rl=&if=false&ts=1730804440184&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730804440179.876214586257024280&cs_est=true&ler=empty&cdl=API_unavailable&it=1730804439879&coo=false&exp=f0&rqm=GET

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=63, rtx=0, c=10, mss=1297, tbw=2984, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
991 B 317ms
167ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=153121880200804&ev=PageView&dl=https%3A%2F%2Fg2rl.com%2F&rl=&if=false&ts=1730804440184&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730804440179.876214586257024280&cs_est=true&ler=empty&cdl=API_unavailable&it=1730804439879&coo=false&exp=f0&rqm=FGET

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433748467018219781"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433748467018219781"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: W0zJY/oYXZApbewvN/WdfSnxzinR6b0gAtPpYjujh0HWONOCkzPuUveraHg2XVyIpIm6RtkV/317XIrBFvK0bA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433748467018219781", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=62, rtx=0, c=18, mss=1297, tbw=8220, tp=-1, tpl=-1, uplat=103, ullat=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 546 KB
215 KB 135ms
63ms Script
text/javascript 142.250.65.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_a339d5bf_d084_4651_aa45_94759c115bf4&render=explicit&hl=en

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f3.1e100.net

Software

sffe /

Resource Hash

f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://g2rl.com
Referer: https://g2rl.com/

Response headers

content-encoding: gzip
age: 6106
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 09:18:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 09:18:54 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220347
x-xss-protection: 0
server: sffe

GET
H2 200 56342626.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 83ms
82ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56342626.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b92ea15691364495f300799654a6763e77222e489252adbc63963f1aa79f0b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=60
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 585B432816FD4AEEA0211BFF83FCB5B6 Ref B: MIA301000103047 Ref C: 2024-11-05T11:00:40Z
x-cache: CONFIG_NOCACHE
date: Tue, 05 Nov 2024 11:00:39 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 210ms
76ms Fetch
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3JXNJE1203&gtm=45je4au0v880240160z8839142139za200zb839142139&_p=1730804439329&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=631442998.1730804440&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730804440&sct=1&seg=0&dl=https%3A%2F%2Fg2rl.com%2F&dt=Reverse%20Logistics%20Solutions%20-%20To%20simplify%20returns%20management&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4249
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3JXNJE1203&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://g2rl.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
762 B 208ms
127ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=6468018&time=1730804440328&url=https%3A%2F%2Fg2rl.com%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://g2rl.com/

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 000626284fd9810067140a132862ff43
x-msedge-ref: Ref A: B1D00A3A4E46454886002246E0FB7743 Ref B: MIA301000103035 Ref C: 2024-11-05T11:00:40Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYmKE/ZgQBnFAoTKGL/Qw==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 05 Nov 2024 11:00:39 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6468018&time=1730804440328&li_adsId=8d6d7598-e245-4ed5-99a4-a7cd0450c257&url=https%3A%2F%2Fg2rl.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6468018&time=1730804440328&li_adsId=8d6d7598-e245-4ed5-99a4-a7cd0450c257&url=https%3A%2F%2Fg2rl.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D6468018%26time%3D1730804440328%26li_adsId%3D8d6d7598-e245-4ed5-99a4-a7cd0450c257%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6468018&time=1730804440328&li_adsId=8d6d7598-e245-4ed5-99a4-a7cd0450c257&url=https%3A%2F%2Fg2rl.com%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6468018&time=1730804440328&li_adsId=8d6d7598-e245-4ed5-99a4-a7cd0450c257&url=https%3A%2F%2Fg2rl.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJan1...

0
486 B

206ms
118ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6468018&time=1730804440328&li_adsId=8d6d7598-e245-4ed5-99a4-a7cd0450c257&url=https%3A%2F%2Fg2rl.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJan17uTm1QRgAAAZL7-9_VZAdalBtDkVODlWYLwFodCZzcYcsRwsdLAjga3CLblQtV3Q
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6388E73B3F3943A88F58EF14CBABE1B2 Ref B: MIAEDGE2309 Ref C: 2024-11-05T11:00:41Z
x-li-fabric: prod-lor1
x-li-uuid: AAYmKE/leqYlsPqyDYjtrg==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Tue, 05 Nov 2024 11:00:41 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6468018&time=1730804440328&li_adsId=8d6d7598-e245-4ed5-99a4-a7cd0450c257&url=https%3A%2F%2Fg2rl.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJan17uTm1QRgAAAZL7-9_VZAdalBtDkVODlWYLwFodCZzcYcsRwsdLAjga3CLblQtV3Q
x-msedge-ref: Ref A: A2F96992ACF14AAD9206C26499686827 Ref B: MIAEDGE1918 Ref C: 2024-11-05T11:00:40Z
x-li-fabric: prod-lor1
x-li-uuid: AAYmKE/iG+20Z4RPS1zBjw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Tue, 05 Nov 2024 11:00:40 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
99 B 72ms
70ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=312722893866329&ev=PageView&dl=https%3A%2F%2Fg2rl.com%2F&rl=&if=false&ts=1730804440335&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730804440179.876214586257024280&ler=empty&cdl=API_unavailable&it=1730804439879&coo=false&exp=f2&rqm=GET

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=63, rtx=0, c=10, mss=1297, tbw=3267, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
5 KB 163ms
161ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=312722893866329&ev=PageView&dl=https%3A%2F%2Fg2rl.com%2F&rl=&if=false&ts=1730804440335&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730804440179.876214586257024280&ler=empty&cdl=API_unavailable&it=1730804439879&coo=false&exp=f2&rqm=FGET

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433748466872267902"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433748466872267902"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: yYpdgMnxWiBEO4WySW6XGTRlEgPiBMSloeAluhdod7kl9+MdBpfO0mmwrO8Mq/QfpY/QGwTB+712eck0ipHN0A==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433748466872267902", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=62, rtx=0, c=18, mss=1297, tbw=3419, tp=-1, tpl=-1, uplat=95, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 56342626 Show response
www.clarity.ms/tag/uet/ 917 B
1 KB 77ms
76ms Script
application/x-javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/56342626
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56342626.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f27c3d82d99f657ce645b229624fc22622642901431ab8efb801f85ca382fa08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 917
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: application/x-javascript
x-azure-ref: 20241105T110040Z-16b74445767762cchC1BN1mk3800000005m0000000003hcp

GET
H2 204 0
bat.bing.com/action/ 0
360 B 59ms
58ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56342626&Ver=2&mid=8a383c82-de73-4a9b-9dd0-67d50b126d9c&bo=1&sid=31efa8f09b6511ef81426f6cc664bcba&vid=31efaec09b6511efa4c2c338137f8caa&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Reverse%20Logistics%20Solutions%20-%20To%20simplify%20returns%20management&p=https%3A%2F%2Fg2rl.com%2F&r=&lt=3535&evt=pageLoad&sv=1&cdb=AQAQ&rn=507772

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C653DDBEC1384BE1AE879BC4A973B81E Ref B: MIA301000103047 Ref C: 2024-11-05T11:00:40Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 05 Nov 2024 11:00:39 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/3WZ43R6WAFAM7JXEMV3ATW/2XCWOL76XJHIFCN573YYME/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

126ms
64ms

Script
application/javascript

2600:9000:23cb:5c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: HTTP/1.1
Server: 2600:9000:23cb:5c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

Access-Control-Max-Age: 600
X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 15844
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: C1R53l91YYyKautL01LKjJ-57dBDYUJVIwtevkO_D8vncJdK8j2-WQ==
Date: Tue, 05 Nov 2024 06:36:37 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Access-Control-Allow-Headers: *
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 fa46ec88710e6374e08eeaa473342090.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

Redirect headers

Access-Control-Max-Age: 600
Age: 58598
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: YuUZ5Ss-zkvBuJJBQjwSbUxI1UBOJp_kueczMFI0H7m4j02WINWNZw==
Date: Mon, 04 Nov 2024 18:44:02 GMT
Content-Type: application/xml
Access-Control-Allow-Headers: *
Location: https://s.adroll.com/j/pre/index.js
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/3WZ43R6WAFAM7JXEMV3ATW/2XCWOL76XJHIFCN573YYME/ 0
805 B 406ms
341ms Script
text/javascript 2600:9000:23cb:5c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/3WZ43R6WAFAM7JXEMV3ATW/2XCWOL76XJHIFCN573YYME/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:5c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

Access-Control-Max-Age: 600
X-Amz-Version-Id: o2aEIg0fJsymwLJfV6huKi38izuNznVY
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Allow-Methods: GET
X-Cache: RefreshHit from cloudfront
X-Amz-Cf-Id: 7mum8z6mg9UzXEz6z5qzZ_18R7Ltgj9qIQliuv6pgNkSs3lIu4cfow==
Date: Tue, 05 Nov 2024 11:00:41 GMT
Content-Type: text/javascript; charset=utf-8
Vary: Accept-Encoding
Last-Modified: Sat, 02 Nov 2024 12:26:28 GMT
Access-Control-Allow-Headers: *
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 0
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H2 200 modules.6f60e575cf8ad7cb10f7.js Show response
script.hotjar.com/ 222 KB
55 KB 211ms
71ms Script
application/javascript 18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2290490.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-90.jfk50.r.cloudfront.net

Software

Resource Hash

f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "56b1b49a4bdc4c874445907df778d045"
age: 74442
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: N1-hM8wDuGEx7nt20hIUgk_HxflUxMGzQzRl0xVhjkjLwd_aoXAp4g==
date: Mon, 04 Nov 2024 14:19:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Nov 2024 14:19:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56128
x-amz-cf-pop: JFK50-P5

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.53/ 65 KB
28 KB 74ms
73ms Script
application/javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.53/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ij68ctrs8m
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6cbfddb4735bdca8b4d594c0222541a0aa1f53ee6b4359647960ed164f595863

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-azure-ref: 20241105T110040Z-16b74445767762cchC1BN1mk3800000005m0000000003hcr
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCFCF01CE35FFD"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: 3a1c1e33-701e-003e-59d9-2eb9a4000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 04 Nov 2024 16:45:38 GMT

GET
H2 200 3WZ43R6WAFAM7JXEMV3ATW Show response
d.adroll.com/consent/check/ 522 B
1 KB 196ms
58ms Script
application/javascript 2600:1f18:61c0:2205:cf15:7f8d:3d18:6b74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/3WZ43R6WAFAM7JXEMV3ATW?flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&_s=d59c97d2160bd63831efb7dfa03647cd&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:61c0:2205:cf15:7f8d:3d18:6b74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 1dd16c1f77fdff40ca0bcd500b5fb44bc88c54b77562c12431b5af4b860a933b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
content-length: 522
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Tue, 05 Nov 2024 11:00:40 GMT
pragma: no-cache
content-type: application/javascript
server: nginx/1.22.1

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame C59A 0
0 217ms
99ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9nMnJsLmNvbTo0NDM.&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&badge=inline&cb=moyz3yiu1vs5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UQjTvgH9Zf6AjijWENK5Sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g2rl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UQjTvgH9Zf6AjijWENK5Sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 11:00:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 6D33 0
0 321ms
105ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mTAZH8_e8RWIXUhGCOifkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mTAZH8_e8RWIXUhGCOifkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 11:00:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 4DC1 0
0 266ms
160ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-In2D016JO95i_HHjb4iN_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g2rl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-In2D016JO95i_HHjb4iN_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 11:00:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame F01E 0
0 362ms
94ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VqNjlY4zRWteEi5g-fQsrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VqNjlY4zRWteEi5g-fQsrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 11:00:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 23F7 0
0 218ms
122ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_kiIMQDz_U_G98h90W4Uig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g2rl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_kiIMQDz_U_G98h90W4Uig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 11:00:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 5A20 0
0 315ms
98ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7mSx2Bm3OsHfWFiVOP2uRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-7mSx2Bm3OsHfWFiVOP2uRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 11:00:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe_content.html
x.adroll.com/pxl/ Frame 8C40 0
0 200ms
58ms Document
text/html 2600:1f18:61c0:220c:e0d8:1526:957f:3fdd
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:61c0:220c:e0d8:1526:957f:3fdd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://g2rl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
ad-auction-allowed: true
content-encoding: zstd
content-length: 427
content-type: text/html
date: Tue, 05 Nov 2024 11:00:40 GMT
last-modified: Mon, 04 Nov 2024 03:16:36 GMT

GET
H2 200 2XCWOL76XJHIFCN573YYME Show response
d.adroll.com/pixel/3WZ43R6WAFAM7JXEMV3ATW/ 391 B
1 KB 60ms
58ms Script
text/plain 2600:1f18:61c0:2205:cf15:7f8d:3d18:6b74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/pixel/3WZ43R6WAFAM7JXEMV3ATW/2XCWOL76XJHIFCN573YYME?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&cookie=&adroll_s_ref=&keyw=&p0=1342&xa4=1
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:61c0:2205:cf15:7f8d:3d18:6b74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 5930a52161b55c3cc516d1de6a91382d4b6b0f8f6dbda6727675f86817b658c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-segment-display-name: Visitors to Unsegmented Pages
x-rule-type: p
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-conversion-currency
x-conversion-value: 0.00
x-segment-eid: PK4CUYQFKBHZLMNNMCRH2I
x-advertisable-eid: 3WZ43R6WAFAM7JXEMV3ATW
x-segment-name: *_cyawejriuzfdrc2ijdxzb4
content-length: 391
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Tue, 05 Nov 2024 11:00:40 GMT
x-pixel-eid: 2XCWOL76XJHIFCN573YYME
server: nginx/1.22.1
x-rule: *

GET
H2 200 2XCWOL76XJHIFCN573YYME
ipv4.d.adroll.com/px4/3WZ43R6WAFAM7JXEMV3ATW/ 42 B
176 B 194ms
57ms Image
image/gif 3.215.27.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipv4.d.adroll.com/px4/3WZ43R6WAFAM7JXEMV3ATW/2XCWOL76XJHIFCN573YYME?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&cookie=&adroll_s_ref=&keyw=&p0=1342&xa4=1
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.27.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-27-253.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
content-length: 42
date: Tue, 05 Nov 2024 11:00:40 GMT
pragma: no-cache
content-type: image/gif
server: nginx/1.22.1

GET
H2 204 2290490 Show response
vc.hotjar.io/sessions/ 0
232 B 287ms
126ms XHR
text/plain 3.168.122.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2290490?s=0.25&r=0.17016857715832567
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.168.122.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-168-122-82.jfk52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

via: 1.1 e9fae68a5077ddad48f891e10e9046ae.cloudfront.net (CloudFront)
access-control-allow-origin: *
cache-control: no-store
x-cache: Miss from cloudfront
x-amz-cf-id: xv7yPZE0-60Ul1ofYAHDF6G0WoZgHDl0Zw6U3x02d6OkSdsmM4hm4Q==
date: Tue, 05 Nov 2024 11:00:40 GMT
x-amz-cf-pop: JFK52-P7

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 598ms
284ms XHR
application/json 34.247.247.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=2290490&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.247.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-247-224.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 663bb98e654c126933a885a4b190add161e087ebba85e53e15edbe0cc78cf440

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://g2rl.com/

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
content-length: 56
date: Tue, 05 Nov 2024 11:00:41 GMT
content-type: application/json

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
272 B 242ms
121ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.53/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://g2rl.com/

Response headers

Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
Access-Control-Allow-Origin: https://g2rl.com
Date: Tue, 05 Nov 2024 11:00:41 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK PK4CUYQFKBHZLMNNMCRH2I.js Show response
s.adroll.com/pixel/3WZ43R6WAFAM7JXEMV3ATW/2XCWOL76XJHIFCN573YYME/ 7 KB
3 KB 338ms
336ms Script
text/javascript 2600:9000:23cb:5c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/3WZ43R6WAFAM7JXEMV3ATW/2XCWOL76XJHIFCN573YYME/PK4CUYQFKBHZLMNNMCRH2I.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:5c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6df639a6a97f6e57f640548bdc09b0ca4dd74c3e47bcca7028d93b9f0a1e85b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: GMTMaHznMuzhTKutdURdUIbX5bbPtY7F
Etag: W/"f33b8c1150c30c2961dcad98621163a1"
Access-Control-Allow-Methods: GET
X-Cache: RefreshHit from cloudfront
X-Amz-Cf-Id: LMSJBTF9O_yBhzNdPSp3A-KzHoHfWxwD9-scOCpm9MUdNY802m95jQ==
Date: Tue, 05 Nov 2024 11:00:42 GMT
Content-Type: text/javascript; charset=utf-8
Vary: accept-encoding
Last-Modified: Tue, 10 Sep 2024 11:31:22 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H2 200 trigger
x.adroll.com/attribution/ 2 B
467 B 174ms
57ms Image
text/plain 2600:1f18:61c0:220c:e0d8:1526:957f:3fdd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.adroll.com/attribution/trigger?fpc=cfde1a88ae201a30402854c41739fffb&advertisable_eid=3WZ43R6WAFAM7JXEMV3ATW&conversion_type=PageView&conversion_value=0.00&currency=USC&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f18:61c0:220c:e0d8:1526:957f:3fdd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-length: 2
date: Tue, 05 Nov 2024 11:00:40 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"11486825927205312650","filters":{"source_type":["event"]}},{"trigger_data":"0","priority":"0","deduplication_key":"11486825927205312650","filters":{"source_type":["navigation"]}}],"debug_key":"14116036017310728868","debug_reporting":true,"filters":{"0":["3WZ43R6WAFAM7JXEMV3ATW"]}}
content-type: text/plain; charset=utf-8

GET
H2 200 /
tr-rc.lfeeder.com/ 43 B
339 B 272ms
123ms Image
image/gif 13.35.93.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr-rc.lfeeder.com/?sid=kn9Eq4RKoelaRlvP&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLTNKWE5KRTEyMDMiXSwiZ2FDbGllbnRJZHMiOlsiNjMxNDQyOTk4LjE3MzA4MDQ0NDAiXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi42NC4xIn0sInBhZ2VVcmwiOiJodHRwczovL2cycmwuY29tLyIsInBhZ2VUaXRsZSI6IlJldmVyc2UgTG9naXN0aWNzIFNvbHV0aW9ucyAtIFRvIHNpbXBsaWZ5IHJldHVybnMgbWFuYWdlbWVudCIsInJlZmVycmVyIjoiIn0sImV2ZW50IjoidHJhY2tpbmctZXZlbnQiLCJjbGllbnRFdmVudElkIjoiM2MyYjZiMWE0OWQ1YWI3YSIsInNjcmlwdElkIjoia245RXE0UktvZWxhUmx2UCIsImNvb2tpZXNFbmFibGVkIjp0cnVlLCJjb25zZW50TGV2ZWwiOiJub25lIiwiYW5vbnltaXplSXAiOmZhbHNlLCJsZkNsaWVudElkIjoiTEYxLjEuZDgwZDAwN2Y5MGFjNzIyZC4xNzMwODA0NDQwOTQ0IiwiZm9yZWlnbkNvb2tpZXMiOltdLCJwcm9wZXJ0aWVzIjp7fSwiYXV0b1RyYWNraW5nRW5hYmxlZCI6dHJ1ZSwiYXV0b1RyYWNraW5nTW9kZSI6Im9uX3NjcmlwdF9sb2FkIn0=
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-91.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cross-origin-resource-policy: cross-origin
via: 1.1 1d0c8380d9f12c4c559633dbe9e5eeca.cloudfront.net (CloudFront)
x-cache: LambdaGeneratedResponse from cloudfront
content-length: 43
x-amz-cf-id: _xjHXovc_G8afgYPnZIvWpcTA8k9Ng46_yYnL7qjFkg9ZWI88GG_5w==
date: Tue, 05 Nov 2024 11:00:41 GMT
content-type: image/gif
x-amz-cf-pop: JFK50-P8
server: CloudFront
vary: Origin

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
272 B 186ms
107ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.53/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://g2rl.com/

Response headers

Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
Access-Control-Allow-Origin: https://g2rl.com
Date: Tue, 05 Nov 2024 11:00:41 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 8 KB
3 KB 67ms
65ms Script
text/javascript 2600:9000:23cb:5c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/pixel/3WZ43R6WAFAM7JXEMV3ATW/2XCWOL76XJHIFCN573YYME/PK4CUYQFKBHZLMNNMCRH2I.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:5c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: CK4cMX5vZLEnRrAtBOR1tfE4_uNanswm
Etag: W/"4a64112c69b3c4b3f104f38d9547a094"
Age: 79
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 5z4WejSxBQ54cMLDJG57fbyrrkVI-3CXmPBcStB5SFxd1I_3hVNmjg==
Date: Tue, 05 Nov 2024 10:59:23 GMT
Content-Type: text/javascript
Vary: accept-encoding
Last-Modified: Mon, 30 Sep 2024 21:10:57 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=300, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: JFK50-P1
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H3 200 757451811038827 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 240ms
238ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/757451811038827?v=2.9.176&r=stable&domain=g2rl.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

dee076e4dd2c0186f33f2d346169e2656303e32713951b9764b58de3814a396b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-wblhuX3c' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 11:00:41 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-wblhuX3c' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=59, rtx=0, c=93, mss=1232, tbw=90456, tp=90, tpl=0, uplat=176, ullat=0
pragma: public
x-fb-debug: liv9l1ZUtBsaFL3a8fMWA8CxGI8XXfP3GInv7I0g/NFzwY1A1omrYPgsrJBSBZ/7g5wtjhvE/noJamW85n9WoA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2

200

/
px4.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?pid=3612252&fmt=gif
https://px4.ads.linkedin.com/collect/?pid=3612252&fmt=gif&e_ipv6=AQKk5U78naBswgAAAZL7--CpKlhCeoZfwEhqfA0moPlM8HqAimvgXs7GJtYIaZ4iHbFkTQ

43 B
248 B

122ms
119ms

Image
image/gif

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect/?pid=3612252&fmt=gif&e_ipv6=AQKk5U78naBswgAAAZL7--CpKlhCeoZfwEhqfA0moPlM8HqAimvgXs7GJtYIaZ4iHbFkTQ
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-msedge-ref: Ref A: 73CBBF49101A490CB73E83FAFBA0CCD4 Ref B: MIAEDGE2309 Ref C: 2024-11-05T11:00:41Z
x-li-fabric: prod-lor1
x-li-uuid: AAYmKE/nV/o2XSC+WwjiJw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 65
date: Tue, 05 Nov 2024 11:00:41 GMT
content-type: image/gif
vary: Accept-Encoding

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
location: https://px4.ads.linkedin.com/collect/?pid=3612252&fmt=gif&e_ipv6=AQKk5U78naBswgAAAZL7--CpKlhCeoZfwEhqfA0moPlM8HqAimvgXs7GJtYIaZ4iHbFkTQ
x-msedge-ref: Ref A: E7587AC71BAA4293B099C2D5138C8AA7 Ref B: MIAEDGE1918 Ref C: 2024-11-05T11:00:41Z
x-li-fabric: prod-lor1
x-li-uuid: AAYmKE/leXhE5j/gSDc22w==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Tue, 05 Nov 2024 11:00:40 GMT

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW
https://x.bidswitch.net/sync?dsp_id=44&user_id=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA

43 B
183 B

194ms
58ms

Image
image/gif

35.211.202.130
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=44&user_id=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Server: 35.211.202.130 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 130.202.211.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Tue, 05 Nov 2024 11:00:41 GMT
content-type: image/gif

Redirect headers

cache-control: no-store, no-cache, must-revalidate
location: https://x.bidswitch.net/sync?dsp_id=44&user_id=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA
content-length: 96
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Tue, 05 Nov 2024 11:00:41 GMT
pragma: no-cache
server: nginx/1.22.1

GET
H3

200

receive
pixel.tapad.com/idsync/ex/
Redirect Chain

https://d.adroll.com/cm/experian/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW
https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8e63e415-1f3a-4451-9b61-05d9ed42a502%252C%252C&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8e63e415-1f3a-4451-9b61-05d9ed42a502%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=57e8889e-467f-488c-9c20-3d980b8e1aed&ttd_puid=8e63e415-1f3a-4451-9b61-05d9ed42a502%2C%2C

95 B
124 B

62ms
61ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=57e8889e-467f-488c-9c20-3d980b8e1aed&ttd_puid=8e63e415-1f3a-4451-9b61-05d9ed42a502%2C%2C

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 95
date: Tue, 05 Nov 2024 11:00:41 GMT
content-type: image/png
server: Jetty(11.0.13)

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=57e8889e-467f-488c-9c20-3d980b8e1aed&ttd_puid=8e63e415-1f3a-4451-9b61-05d9ed42a502%2C%2C
content-length: 359
date: Tue, 05 Nov 2024 11:00:41 GMT
server: Kestrel

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=JXecN9QLaFKYfhuOhWjSAA
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=JXecN9QLaFKYfhuOhWjSAA&google_tc=
https://d.adroll.com/cm/g/in

42 B
820 B

59ms
58ms

Image
image/gif

2600:1f18:61c0:2205:cf15:7f8d:3d18:6b74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Server: 2600:1f18:61c0:2205:cf15:7f8d:3d18:6b74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-result: g.-1.-1.-1
content-length: 42
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Tue, 05 Nov 2024 11:00:41 GMT
content-type: image/gif
server: nginx/1.22.1

Redirect headers

cache-control: no-cache, must-revalidate
location: https://d.adroll.com/cm/g/in
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 225
date: Tue, 05 Nov 2024 11:00:41 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&expiration=1762340441
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&expiration=1762340441&C=1

43 B
342 B

83ms
82ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&expiration=1762340441&C=1
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BTnsb%2Fdf3DqkjpB3ZpCTTlxh6fHf4BsR6xckjmTEPJFq1BlA6YEOjCnfRzxAQ0POH9A5k8W6XQU4oZ0ec7d2zPG%2Fm%2BO%2Fewgr3seFRfzsTVlUYmUHr5OdURkem3AQ%2FZ%2BJp9uEvUZyGUvHyw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddc576eefb6db0d-MIA
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Tue, 05 Nov 2024 11:00:41 GMT
content-type: image/gif
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: no-cache
location: /rum?cm_dsp_id=105&external_user_id=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&expiration=1762340441&C=1
cf-cache-status: DYNAMIC
pragma: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h9H2pNXDts%2BnzZF8Al9YXbnY0DYl8%2B6RYft4ZL%2FrL3L8yuXTl8vIMjY5RxZgbDy8gwo9v9zHdMKGB%2Bk4p7eouecjbkE%2FZF%2FgiEaUXqHbLnfHk17jWNVp9QjE71%2ByGvCSgoZpM9qeMT6B6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ddc576e6f38db0d-MIA
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Tue, 05 Nov 2024 11:00:41 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW
https://idsync.rlcdn.com/377928.gif?partner_uid=25779c37d40b6852987e1b8e8568d200
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogMjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDAQABoNCNn1p7kGEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=f7c1a82ad4d3a76344f7c691418c39dd50fd699184d5bdc0e5683d3d2de74d3f791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f7c1a82ad4d3a76344f7c691418c39dd50fd699184d5bdc0e5683d3d2de74d3f791426b5417dce21&rand=09385660

0
142 B

127ms
126ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f7c1a82ad4d3a76344f7c691418c39dd50fd699184d5bdc0e5683d3d2de74d3f791426b5417dce21&rand=09385660
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: C436B953E84A405EAFB54441C4AD8CC3 Ref B: MIAEDGE1918 Ref C: 2024-11-05T11:00:41Z
x-li-fabric: prod-lor1
x-li-uuid: AAYmKE/stpOoRxqzQFIyug==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Tue, 05 Nov 2024 11:00:41 GMT

Redirect headers

cache-control: no-cache, no-store
timing-allow-origin: *
location: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f7c1a82ad4d3a76344f7c691418c39dd50fd699184d5bdc0e5683d3d2de74d3f791426b5417dce21&rand=09385660
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
date: Tue, 05 Nov 2024 11:00:41 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&expires=365

42 B
1 KB

221ms
60ms

Image
image/gif

69.173.146.5
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&expires=365
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: HTTP/1.1
Server: 69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: bd0f62a3fbacfef6a33ae6abaf6daf37
Pragma: no-cache
content-length: 42
Content-Type: image/gif

Redirect headers

cache-control: no-store, no-cache, must-revalidate
location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&expires=365
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Tue, 05 Nov 2024 11:00:41 GMT
pragma: no-cache
server: nginx/1.22.1

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW
https://us-u.openx.net/w/1.0/sd?id=537103138&val=25779c37d40b6852987e1b8e8568d200&gdpr=0&gdpr_consent=
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=25779c37d40b6852987e1b8e8568d200&gdpr=0&gdpr_consent=

43 B
171 B

49ms
46ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=25779c37d40b6852987e1b8e8568d200&gdpr=0&gdpr_consent=
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: image/gif
vary: Accept
server: OXGW/0.0.0

Redirect headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=25779c37d40b6852987e1b8e8568d200&gdpr=0&gdpr_consent=
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 0
date: Tue, 05 Nov 2024 11:00:40 GMT
server: OXGW/0.0.0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=&us_privacy=1---

0
360 B

276ms
85ms

Image
text/plain

70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=&us_privacy=1---

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

HTTP/1.1

Server

70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 0
date: Tue, 05 Nov 2024 11:00:41 GMT
x-traceid: 86a70c48a61ba71b4f9d5e5cd6130850

Redirect headers

cache-control: no-store, no-cache, must-revalidate
location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=&us_privacy=1---
content-length: 137
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Tue, 05 Nov 2024 11:00:41 GMT
pragma: no-cache
server: nginx/1.22.1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
582 B

201ms
59ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: no-store, no-cache, private
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 05 Nov 2024 11:00:40 GMT
content-type: image/gif; charset=utf-8
server: nginx

Redirect headers

cache-control: no-store, no-cache, must-revalidate
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Tue, 05 Nov 2024 11:00:41 GMT
pragma: no-cache
server: nginx/1.22.1

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
131 B

74ms
70ms

Image
text/html

2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Tue, 05 Nov 2024 11:00:41 GMT
age: 0
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade

Redirect headers

strict-transport-security: max-age=31536000
location: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
age: 0
referrer-policy: no-referrer-when-downgrade
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
content-length: 0
date: Tue, 05 Nov 2024 11:00:41 GMT
server: ATS

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA

0
364 B

224ms
65ms

Image
text/plain

141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-fastly-to-nlb-rtt: 63648
date: Tue, 05 Nov 2024 11:00:41 GMT
server: nginx
access-control-allow-credentials: true

Redirect headers

cache-control: no-store, no-cache, must-revalidate
location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Tue, 05 Nov 2024 11:00:41 GMT
pragma: no-cache
server: nginx/1.22.1

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW
https://eb2.3lift.com/xuid?mid=4714&xuid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

37 B
474 B

76ms
68ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: g2rl.com
URL: https://g2rl.com/
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date: Tue, 05 Nov 2024 11:00:41 GMT
content-type: image/gif

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: /xuid?ld=1&mid=4714&xuid=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date: Tue, 05 Nov 2024 11:00:41 GMT

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=cfde1a88ae201a30402854c41739fffb-1730804440697&flg=1&pv=74751037121.32352&arrfrr=https%3A%2F%2Fg2rl.com%2F&advertisable=3WZ43R6WAFAM7JXEMV3ATW
https://ib.adnxs.com/setuid?entity=172&code=MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA

43 B
1 KB

111ms
109ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.68; 38.132.118.68; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: f22f68f9-a356-4031-995f-cc8189c20f39
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 05 Nov 2024 11:00:41 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 38.132.118.68; 38.132.118.68; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 94603603-b322-4412-a9ef-6a2e718500b9
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 05 Nov 2024 11:00:41 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
189 B 125ms
123ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2rl.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 859BBE0426C9433B95A0D29892A799E4 Ref B: MIAEDGE1918 Ref C: 2024-11-05T11:00:41Z
x-li-fabric: prod-lor1
access-control-allow-credentials: true
x-li-uuid: AAYmKE/nz7x9tbiveOHWSw==
x-li-proto: http/2
access-control-allow-origin: https://g2rl.com
x-cache: CONFIG_NOCACHE
date: Tue, 05 Nov 2024 11:00:40 GMT
vary: Origin

GET
H2 200 /
www.facebook.com/tr/ 0
121 B 68ms
66ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=757451811038827&ev=PageView&dl=https%3A%2F%2Fg2rl.com%2F&rl=&if=false&ts=1730804441438&cd[segment_eid]=PK4CUYQFKBHZLMNNMCRH2I&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4125&fbp=fb.1.1730804440179.876214586257024280&ler=empty&cdl=API_unavailable&it=1730804439879&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=f2&rqm=GET

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=67, rtx=0, c=10, mss=1297, tbw=9303, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 05 Nov 2024 11:00:41 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
994 B 235ms
234ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=757451811038827&ev=PageView&dl=https%3A%2F%2Fg2rl.com%2F&rl=&if=false&ts=1730804441438&cd[segment_eid]=PK4CUYQFKBHZLMNNMCRH2I&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4125&fbp=fb.1.1730804440179.876214586257024280&ler=empty&cdl=API_unavailable&it=1730804439879&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=f2&rqm=FGET

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433748470396734264"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433748470396734264"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 11:00:41 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: kVMcWrk25Gulp4rW0Ek2ro7GJGUgtF2kW+qaYVMAE/y4ZQ8WbeoCFhQ+RzvbpaNjGFBnfVHQTz3c6uJDy40Njg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433748470396734264", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control: private, no-store, no-cache, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=10, mss=1297, tbw=9468, tp=-1, tpl=-1, uplat=170, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
580 B 80ms
79ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-timeout&value=1

Requested by

Host: g2rl.com
URL: https://g2rl.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-robots-tag: none
x-request-id: ede06db0-e691-40ad-9495-13aef0b74e6e
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Tue, 05 Nov 2024 11:00:41 GMT
x-hubspot-correlation-id: ede06db0-e691-40ad-9495-13aef0b74e6e
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Tue, 05 Nov 2024 11:00:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-mx5kh
x-envoy-upstream-service-time: 3
access-control-allow-credentials: false
cf-ray: 8ddc576fe9a37481-MIA
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=0213E23EC81449FD801FBFC0CCF076CA&RedC=c.clarity.ms&MXFR=28EC2E7B89B16C053E0C3B558DB162B6
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0213E23EC81449FD801FBFC0CCF076CA&MUID=3D4193A86A42633D0AB086866BFC620D

42 B
465 B

55ms
54ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0213E23EC81449FD801FBFC0CCF076CA&MUID=3D4193A86A42633D0AB086866BFC620D
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "8d3dafd6e71fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Tue, 05 Nov 2024 11:00:42 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 16:24:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0213E23EC81449FD801FBFC0CCF076CA&MUID=3D4193A86A42633D0AB086866BFC620D
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 00515E194C6F45F8936F787531FEDEEA Ref B: MIAEDGE1705 Ref C: 2024-11-05T11:00:42Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Tue, 05 Nov 2024 11:00:41 GMT
x-powered-by: ASP.NET

GET
H3 200 bframe
www.google.com/recaptcha/enterprise/ Frame CF68 0
0 89ms
87ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2wt6mMEf9zeHnKB_mhB00g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g2rl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2wt6mMEf9zeHnKB_mhB00g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 11:00:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bframe
www.google.com/recaptcha/enterprise/ Frame 96CC 0
0 140ms
84ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hswEhRzvcspT4nKUyQplLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g2rl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hswEhRzvcspT4nKUyQplLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 11:00:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cropped-G2RL-Favicon-32x32.png
g2rl.com/wp-content/uploads/2024/08/ 766 B
1 KB 64ms
63ms Other
image/webp 34.174.47.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g2rl.com/wp-content/uploads/2024/08/cropped-G2RL-Favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.174.47.50 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.47.174.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 17368965f08a2077d8d06187f3b0bfd250fbdea3fc0b11d3ab758f46ccae7610

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://g2rl.com/

Response headers

x-httpd-modphp: 1
cache-control: private, max-age=31536000
expires: Wed, 05 Nov 2025 11:00:41 GMT
accept-ranges: bytes
x-proxy-cache: MISS
content-length: 766
date: Tue, 05 Nov 2024 11:00:41 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-type: image/webp
vary: Accept,Accept-Encoding
server: nginx
last-modified: Wed, 21 Aug 2024 12:47:36 GMT
x-proxy-cache-info: 0 NC:000000 UP:

GET
H3 200 bframe
www.google.com/recaptcha/enterprise/ Frame F6D1 0
0 116ms
84ms Document
text/html 142.250.80.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PQsfP14QNO8O1cVafPWGwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://g2rl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PQsfP14QNO8O1cVafPWGwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-security-policy-report-only: frame-ancestors 'self';report-uri https://csp.withgoogle.com/csp/frame-ancestors/38fac9d5b82543fc4729580d18ff2d3d
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 11:00:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST 38fac9d5b82543fc4729580d18ff2d3d
csp.withgoogle.com/csp/frame-ancestors/ 0
0

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
272 B 57ms
56ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.53/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://g2rl.com/

Response headers

Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
Access-Control-Allow-Origin: https://g2rl.com
Date: Tue, 05 Nov 2024 11:00:43 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csp.withgoogle.com
URL: https://csp.withgoogle.com/csp/frame-ancestors/38fac9d5b82543fc4729580d18ff2d3d

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

78 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 05:05:56	Name: _GRECAPTCHA Value: 09ANOXeZzwE-ACASJpnvMK4MfZbuUqX_gq7LUWmVGc78kl_0VM4Tuz5lsGSUZljz2AXiGc1rcuiyqHi0MQ6IgxKWU
.hsforms.net/	1970-01-21 00:46:46	Name: __cf_bm Value: oO1gHdbJ6LYwSlPW.Vlpi1yy6zUKV9rpC0dLPgWfQKk-1730804439-1.0.1.1-MSIqyqwKBXtrC4Yp_3tPBvsaEec8cDkuZc6s..WTmHhk1Oss2kU_0w6LstW9wrHvpFpVzAQMI5W2aJLLPFgmvg
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: eLREYiKbtSA
.youtube.com/	1970-01-21 05:05:56	Name: VISITOR_INFO1_LIVE Value: qgYxcvy6SpY
.youtube.com/	1970-01-21 05:05:56	Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgGA%3D%3D
.hsforms.com/	1970-01-21 00:46:46	Name: __cf_bm Value: aKrbzXgbWTW9js9VCWrwH3XUOYlkwrgyheR18lKyyJ8-1730804439-1.0.1.1-Ai7FMfhliLUvFO7DJqUVfbv7VB5LvFEljSSMWg7HN3H3s7B3jj.sujk_LorbALtITTGAaGrjiKIU9r2A1ADrBA
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: gxQYd4r_TgkhcWaTJCxaLUOn_YYI9pB4roVpisgL0co-1730804439775-0.0.1.1-604800000
.g2rl.com/	1970-01-21 02:56:20	Name: _gcl_au Value: 1.1.843850369.1730804440
.g2rl.com/	1970-01-21 02:58:08	Name: _cq_duid Value: 1.1730804440.4peO68XHSxAkpDlO
.g2rl.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1730804440.VmKpTBpg4X274H4d
.g2rl.com/	1970-01-21 02:56:20	Name: _fbp Value: fb.1.1730804440179.876214586257024280
.g2rl.com/	1970-01-21 10:22:44	Name: _ga_3JXNJE1203 Value: GS1.1.1730804440.1.0.1730804440.0.0.0
.g2rl.com/	1970-01-21 10:22:44	Name: _ga Value: GA1.1.631442998.1730804440
.g2rl.com/	1970-01-21 00:48:10	Name: _uetsid Value: 31efa8f09b6511ef81426f6cc664bcba
.g2rl.com/	1970-01-21 10:08:20	Name: _uetvid Value: 31efaec09b6511efa4c2c338137f8caa
.bing.com/	1970-01-21 10:08:20	Name: MUID Value: 3D4193A86A42633D0AB086866BFC620D
.bat.bing.com/	1970-01-21 00:56:49	Name: MR Value: 0
www.clarity.ms/	1970-01-21 09:32:20	Name: CLID Value: ef587cdbd8884324bc9da013c187fd14.20241105.20251105
.linkedin.com/	1970-01-21 02:56:20	Name: li_sugr Value: 1e6802d4-f8d9-4ccc-bd41-83566419113b
.linkedin.com/	1970-01-21 09:32:20	Name: bcookie Value: "v=2&364c2401-daa7-4b3c-8c04-ff556eec7582"
.linkedin.com/	1970-01-21 00:48:10	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3388:u=1:x=1:i=1730804440:t=1730890840:v=2:sig=AQGdlsBL77hmarVTgCPWhUyoMojvQSeI"
.hubspot.com/	1970-01-21 00:46:46	Name: __cf_bm Value: U.ni.OPSNlRc8YNQeAqtZ.77VkEJqTx68KrTKNUXYlI-1730804440-1.0.1.1-t2eAI0qhf5vb.o.MW8GeA3rMIeuB7GwGGZXwUk0l6I48D1jKUsEfA4DYWc.t8GEuc2XLfP5e73guf4e6S72sPg
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: vPXwFHxeDkGWLmDTbjj.XYiGMNcehfH4tX3FpkqkGn0-1730804440529-0.0.1.1-604800000
.g2rl.com/	1970-01-21 09:32:20	Name: _clck Value: 1otxqe0%7C2%7Cfqm%7C0%7C1770
.d.adroll.com/	1970-01-21 10:15:32	Name: receive-cookie-deprecation Value: 1
.adroll.com/	1970-01-21 10:15:32	Name: receive-cookie-deprecation Value: 1
.g2rl.com/	1970-01-21 09:32:42	Name: __adroll_fpc Value: cfde1a88ae201a30402854c41739fffb-1730804440697
.linkedin.com/	1970-01-21 01:29:56	Name: UserMatchHistory Value: AQKOpkQiBkNZjwAAAZL7-95C29BRSSK6J-Vmbn4bLfOiXNpW2EpHx9txsR89Mr_pEvjNsQlx4o5HqQ
.linkedin.com/	1970-01-21 01:29:56	Name: AnalyticsSyncHistory Value: AQIDOkX9c8WLDgAAAZL7-95CPjE5XpbqKiDGRDua74pDH6ey27kMfwbs_1axmW8uXGVky2FTM7vcZj9KfFe1eQ
.g2rl.com/	1970-01-21 09:32:20	Name: _hjSessionUser_2290490 Value: eyJpZCI6ImM3MjY3ZGU1LTkxYTctNTJlNi04YTc1LTgxMzcxNTRhYzdlNyIsImNyZWF0ZWQiOjE3MzA4MDQ0NDA3NTIsImV4aXN0aW5nIjp0cnVlfQ==
.g2rl.com/	1970-01-21 00:46:46	Name: _hjSession_2290490 Value: eyJpZCI6IjQ2YWJkYmM4LWZmNTctNGZkMS04ODNhLTIwNDlhM2MxN2EzNyIsImMiOjE3MzA4MDQ0NDA3NTMsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.g2rl.com/	1970-01-21 09:32:20	Name: _lfa Value: LF1.1.d80d007f90ac722d.1730804440944
.www.linkedin.com/	1970-01-21 09:32:20	Name: bscookie Value: "v=1&20241105110040d4caaca8-75f8-4eea-866b-f4793573e49fAQHK_I3WjJjsr7tpPw-HVT6IFmgeRgVr"
.linkedin.com/	1970-01-21 00:46:46	Name: __cf_bm Value: H6sva4qFEbmIbOyFqUGk_fsyR9frbXlMtilBLrFFX6U-1730804440-1.0.1.1-KeCrp34sjfB6jbcOHvgKXgyHzfjHYq_jXHZXf1Agi9u4hgEl65fDF.mFyeEtH3nL.savut3kBI.eOGeQWIaJ_w
x.adroll.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.g2rl.com/	1970-01-21 00:48:10	Name: _clsk Value: 3w1sth%7C1730804441073%7C1%7C1%7Cv.clarity.ms%2Fcollect
.g2rl.com/	1970-01-21 09:32:20	Name: __ar_v4 Value: %7C3WZ43R6WAFAM7JXEMV3ATW%3A20241105%3A1%7C2XCWOL76XJHIFCN573YYME%3A20241105%3A1%7CPK4CUYQFKBHZLMNNMCRH2I%3A20241105%3A1
.tapad.com/	1970-01-21 02:13:08	Name: TapAd_TS Value: 1730804441359
.tapad.com/	1970-01-21 02:13:08	Name: TapAd_DID Value: 8e63e415-1f3a-4451-9b61-05d9ed42a502
.casalemedia.com/	1970-01-21 09:32:20	Name: CMID Value: Zyn62dHM430AADVfAKwZAQAA
.casalemedia.com/	1970-01-21 02:56:20	Name: CMPS Value: 953
.casalemedia.com/	1970-01-21 02:56:20	Name: CMPRO Value: 953
.rlcdn.com/	1970-01-21 09:32:20	Name: rlas3 Value: kUjn4mqxcbNygku07TM+4S3vyA3oQIsNA+tcEfMFNGg=
.openx.net/	1970-01-21 09:32:20	Name: i Value: bd8d510a-c9aa-488b-afa5-941bc4674a51\|1730804441
.rlcdn.com/	1970-01-21 02:13:08	Name: pxrc Value: CNn1p7kGEgUI6AcQABIFCOhHEAA=
.3lift.com/	1970-01-21 02:56:20	Name: tluidp Value: 4148124389092001618893
.3lift.com/	1970-01-21 02:56:20	Name: tluid Value: 4148124389092001618893
.pubmatic.com/	1970-01-21 02:56:20	Name: KRTBCOOKIE_10 Value: 22808-MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&KRTB&22883-MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&KRTB&23504-MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA&KRTB&23615-MjU3NzljMzdkNDBiNjg1Mjk4N2UxYjhlODU2OGQyMDA
.pubmatic.com/	1970-01-21 01:29:56	Name: PugT Value: 1730804440
.yahoo.com/	1970-01-21 09:32:42	Name: A3 Value: d=AQABBNn6KWcCEAq9W2JXvrLHznAkfzIrOEgFEgEBAQFMK2czZ9ww0iMA_eMAAA&S=AQAAAht17bR7D0v8U79k6MChfoU
.adnxs.com/	1970-01-21 02:56:20	Name: XANDR_PANID Value: hvba2y39bDDkXRXrkL2XlPtjYbEtUfhVSTa1lQXAMwYr_VDgLmfr6I2A9V-DuT930uqeR-oFoWLLy-vYRW7SD3LpN_4lXpPT0dK3gIWyFTE.
.adnxs.com/	1970-01-21 10:22:44	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 02:56:20	Name: uuid2 Value: 7565792057871976365
.rubiconproject.com/	1970-01-21 09:32:20	Name: audit_p Value: 1\|tIq4mT5HJxyE4nhxQu7dG3EBhBKYujGjHpPRveGj27ebz16xSA9sXV9ATEB55quYJdRpT66amQWM1KxoLazIt7kxm0k08nop+R4DB+iLIkFRHRQnme6hNzBV7SO/1IiCLzF3afj48Yup708DmUAZXzzFRD7OwC0lLJChHr7LFLQrvqenubAoUw5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ==
.rubiconproject.com/	1970-01-21 09:32:20	Name: khaos Value: M34C9Y94-1F-HL45
.rubiconproject.com/	1970-01-21 09:32:20	Name: khaos_p Value: M34C9Y94-1F-HL45
.rubiconproject.com/	1970-01-21 09:32:20	Name: audit Value: 1\|tIq4mT5HJxyE4nhxQu7dG3EBhBKYujGjHpPRveGj27ebz16xSA9sXV9ATEB55quYJdRpT66amQWM1KxoLazIt7kxm0k08nop+R4DB+iLIkFRHRQnme6hNzBV7SO/1IiCLzF3afj48Yup708DmUAZXzzFRD7OwC0lLJChHr7LFLQrvqenubAoUw5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ==
.rubiconproject.com/	1970-01-21 02:56:20	Name: receive-cookie-deprecation Value: 1
.taboola.com/	1970-01-21 09:32:20	Name: t_gid Value: ecea4413-bcca-464b-8edf-80eb73c7e61b-tucte238059
.taboola.com/	1970-01-21 09:32:20	Name: t_pt_gid Value: ecea4413-bcca-464b-8edf-80eb73c7e61b-tucte238059
.doubleclick.net/	1970-01-21 10:22:44	Name: IDE Value: AHWqTUmlEZAxcwCW1hHlzFYzMAe7EQZk4MW4x6q_taDN91untU4HCtmryqgN0ja9aXk
.analytics.yahoo.com/	1970-01-21 09:32:20	Name: IDSYNC Value: 1770~2lnm
.d.adroll.com/	1970-01-21 10:15:32	Name: __adroll Value: 25779c37d40b6852987e1b8e8568d200-g_1730804441-a_1730804440
.adroll.com/	1970-01-21 10:15:32	Name: __adroll_shared Value: 25779c37d40b6852987e1b8e8568d200-g_1730804441-a_1730804440
.adnxs.com/	1970-01-21 02:56:20	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2GVPu'dFK!]tbPl@/@8$-^=$UfYl8[6Ob3>9tkz=#*DQ?q6t(ayS'G`^cZVFPUL7:_T8Z[3.nED(>(gYZT0]gFP9e3If)y3KL9D3I?+So?nYN
.adsrvr.org/	1970-01-21 09:32:20	Name: TDID Value: 57e8889e-467f-488c-9c20-3d980b8e1aed
.pippio.com/	1970-01-21 09:32:20	Name: did Value: e8TAGUo5tl6LZJqF
.pippio.com/	1970-01-21 09:32:20	Name: didts Value: 1730804441
.pippio.com/	1970-01-21 02:13:08	Name: nnls Value:
.pippio.com/	1970-01-21 02:13:08	Name: pxrc Value: CNn1p7kGEgYIgr0rEAA=
.adsrvr.org/	1970-01-21 09:32:20	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjg-8Tz4-S-PRAFGAUgASgCMgsIhuD_n_rkvj0QBTgB
.tapad.com/	1970-01-21 02:13:08	Name: TapAd_3WAY_SYNCS Value: 1!7451
.c.bing.com/	1970-01-21 00:56:49	Name: MR Value: 0
.c.bing.com/	1970-01-21 10:08:20	Name: SRM_B Value: 3D4193A86A42633D0AB086866BFC620D
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 10:08:20	Name: MUID Value: 3D4193A86A42633D0AB086866BFC620D
.c.clarity.ms/	1970-01-21 00:56:49	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 00:46:45	Name: ANONCHK Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://forms.hsforms.com/embed/v3/form/9133996/9d856245-8b49-416b-a591-9087524e78d0/json?hs_static_app=forms-embed&hs_static_app_version=1.6227&X-HubSpot-Static-App-Info=forms-embed-1.6227 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	Message: [Report Only] Refused to frame 'https://www.google.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9133996.fs1.hubspotusercontent-na1.net
bat.bing.com
c.bing.com
c.clarity.ms
cdn.callrail.com
cm.g.doubleclick.net
connect.facebook.net
content.hotjar.io
csp.withgoogle.com
cta-service-cms2.hubspot.com
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
g2rl.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
ipv4.d.adroll.com
js.hscta.net
js.hsforms.net
match.adsrvr.org
meetings.hubspot.com
obseu.bzcclandlord.com
perf.hsforms.com
pippio.com
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
sc.lfeeder.com
script.hotjar.com
snap.licdn.com
startg2rl.com
static.hotjar.com
static.hsappstatic.net
sync.outbrain.com
sync.taboola.com
tr-rc.lfeeder.com
ups.analytics.yahoo.com
us-u.openx.net
v.clarity.ms
vc.hotjar.io
www.clarity.ms
www.clickcease.com
www.facebook.com
www.g2rl.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
x.adroll.com
x.bidswitch.net
csp.withgoogle.com
104.18.141.119
104.18.36.155
104.18.80.204
104.19.175.188
107.178.254.65
108.138.106.49
13.107.42.14
13.33.252.124
13.35.93.91
141.226.224.48
142.250.65.195
142.250.80.100
142.251.32.98
142.251.41.3
15.197.193.217
172.67.182.110
18.164.96.90
20.110.205.119
20.114.189.135
2001:4998:14:800::1001
2600:141b:1c00:6::17df:d10d
2600:1f18:61c0:2205:cf15:7f8d:3d18:6b74
2600:1f18:61c0:220c:e0d8:1526:957f:3fdd
2600:9000:2141:4000:4:d7e1:700:93a1
2600:9000:23cb:5c00:6:9280:1080:93a1
2600:9000:2807:ea00:15:a0d3:77c0:93a1
2606:4700:4400::ac40:9284
2606:4700:4400::ac40:92d7
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6811:24cf
2606:4700::6811:ae5b
2607:f8b0:4006:807::200e
2607:f8b0:4006:80e::200a
2607:f8b0:4006:81c::200e
2607:f8b0:4006:820::2008
2620:1ec:21::14
2620:1ec:29:1::40
2620:1ec:33:1::10
2620:1ec:c11::237
2a03:2880:f112:83:face:b00c:0:25de
2a05:d018:56f:b800:f42c:e894:1fb0:3740
3.168.122.82
3.215.27.253
31.13.71.7
34.111.113.62
34.174.47.50
34.247.247.224
35.211.202.130
35.244.154.8
35.244.159.8
35.71.139.29
68.67.179.155
69.173.146.5
70.42.32.191
8.28.7.83
0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0
0209de090ef97534811361ed4b2a7438ce52a68f1414bc2befabffbfd8000482
07b09e81ab00ae1afcd4d740bd58a24a5bdebd799cfd3d50c34baf8d9cd299c0
07bbce37083a40832a43ef761a6039832a82a0d07005392585a13a11e2f57b88
0b481e105dca7e441a62cc4e684518ba50421328ff5c3ad7da7f7b5b8769fd6b
0b93c57fcf0a1cfcddb69483483665fc22cb8f6ab4fc874d49fcaa5e1281128b
0c5d5def42611faa30644c529baa623052160b9634f1bb0b97a8185ec32f39f3
105314c2b5fbd4132702401c9978a400c15506f0a29c3b1d220adcbbfcae3e24
1056d68f706581190004d1725450ee67e8417d2014a459d7770f810a3d9e7458
12ff790a17c7e80011c1a3481ccfe3640f5f90bd981574fda88509ca9f22850d
152f651b66442272c8087221dd05cc69d68216a951115f3038e64c80f3939aef
17368965f08a2077d8d06187f3b0bfd250fbdea3fc0b11d3ab758f46ccae7610
19b8b7a969cd613a5f4af1598a649b33456bef5c22d09fe4a5c5459ab4fe50fb
19bea8d13b5a8a0eb62201ca77dd46ecaee5a919f8540276d1b5f594d847ce48
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1b0949914706f619a8350a243f3cd46c6053ecb64530f465e7b558b27c42518a
1c7846f787c14e2f934db8e872d40c6c1bf83b3169ce7ddcb05d21b95d9df6ba
1dd16c1f77fdff40ca0bcd500b5fb44bc88c54b77562c12431b5af4b860a933b
1e1a851e6a890ac83efcfa06697c5ad41d0626b1963034e4e10c3b5f4671e086
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035
2647e02a45178870d60f6549fd7a071c117763b4c6013bfdb13ea1a918c65336
28d52b46d6134dddfe78aa45e66d0f637383a4b0690d973fa4650d3db62329fb
2d40ba49c7905d23f0b3b922d2eeee1af4836047a238aa8e3ea8ab35cba138a6
34698d431ea9a63c14f89d592ea86fe5d8ef4d79fe02a23d44081d7a5cb30930
3a3f96f43c85e2de8e6510cba7861ff1deaa5a19906bfa1797b203c0bbe06775
3e9b946627b24b2f8adddbe7cb098c0725bd20bcaf390f3ead267efc0b8636b8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
452f4eb2800bff5b7af11064df3206ef0fb05920e35cbc34295c88d57d1a1264
46d02a869720d931497398ddde2c0f44aa1fe77ed1607dc2bcbbe37649e067b7
4970e8b88bd8e9e193b45e218fd917da627d6f7454c7252612b6716f5a1376cd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd32a9d86ff5386d55ccd2556d23898e6da13329a6252c4fa1453f27945475f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
51c8e3a5ec1bdefa1f4ccecac4fab42e61a55202172cb174cdceaa6c24e785e0
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5930a52161b55c3cc516d1de6a91382d4b6b0f8f6dbda6727675f86817b658c3
5a2a5cc7fd27bd3d00ab2d5cebf9c6bbdd8b347e29658b97ad8efa74f8eecefd
5f058740028c818b25481b7f4b300628c19a6ad7e68eb7c7b8bde51911c1ce24
620bd01c4c002f0889fdc659369a7b16f69ab51e0972d53baefd0798e2e09469
6537d424d08624ed34767dccb1784a69b1c675b6d0ed92516a70730fc9398a25
662bed428b1e907d07416345e7493715f2e3584758b760b461637a19ddbca745
663bb98e654c126933a885a4b190add161e087ebba85e53e15edbe0cc78cf440
6641e2c1eb0f753b5903ae672fc1bde19de32d4c70784245ddb94f61380d1a5c
66477d55d55565b434250e8a96d2e37968b1b2b29303fb2129f30f9869e7dc89
69e3177c40e44eb0a1f234b08552451bcc55302ac19869f7c3643922e36a9e3a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6cbfddb4735bdca8b4d594c0222541a0aa1f53ee6b4359647960ed164f595863
6fde12a4092ef35e194ac3f5f7f85556c3f52bff2dc2fe8e7e1d8dd3857e2865
7c5a8ce140130a62a181c2798f7d5a9c3f109de8e106530a5f394b99e437d4dc
84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1
8504f84d408b3a42dc3b6171879ed28e90eb8da78ba10843e9f838206eb5f419
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
897281e82dc9f3929360fc185b9e5c2bdb71d285d712ba976389dd789ac54d65
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b50931930070aaa08b1fe3452eefd96d627a359bdb1d845854116acbd20924f
8d65771deefca4247d44c517165cf3a98aa1fd68f7ee8da1d6a9b116cb31f244
8f793d8642f369bc67bf0554717fdf70f7eaf80d7d2e0c85013931669807decf
8faa582b2586dd180453b52e2cdd6db8561963461b84af8602e4918c8a490157
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
928ae3ed0db26f4c242f351a3cf42beabe25155bf00b42a93c0058fcdc9f503c
994b984ac2bf31f1cc1b5f3979584572cfaae4682ed9f67022056ae025874ebb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b8e31f4a485a515f743e6694851e04fe06871a72e423847c0a568f43321793b
9fa38455f9426d4d8227a364386f76bff582c419bdb3dca88a2f3378001809cc
a06c603b0c764d48edec70e90931e2189f7e24f08cbc46e262964c67a1575a74
a1275d08b2a26c249f9a1b3e35bd08e69af5e4ddf1281b4ee0f933269d6e409f
a3ab12919de2f006ed612940a614e675ec93fd24aab3e46747760c9dfae68f91
a4dd74d67bdd108deb8868c75271a8007dbb11e1183fe1fc108a2a22521f1693
a5bb856654de837ac686dfa1f62d0a6b40b0f2d86adf90e2ae94354a392a3af7
a614dbe8ef4881f08eea0c25b429dcaa5c4e90a075f6ed203db32d8f6f9ca0a0
a6df639a6a97f6e57f640548bdc09b0ca4dd74c3e47bcca7028d93b9f0a1e85b
a92623f7e133847ad13d9c6133bf4d64c88df8389c35cadd91ca9c3d7ff4a1ae
aa0052394b6dacfa2d8311f779720398f31332696007c72020de90e26bcc0872
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
aaeaaae09aa6f3a7ec8995204a240f1553951f8e76010f07ccb718b520410245
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b06d9fe09c06e3241809a6e2c15d373eae2de182880b0ac30547bb36df521dd0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381
b519c652777c636add992fcfc14ff1360572af19ba11151ea78c17d3c44d153b
b6647f7cf292b255d218b39eff4ca4f223229ea1ace307a730419ad80ea315a5
b92ea15691364495f300799654a6763e77222e489252adbc63963f1aa79f0b4d
b9ac7844768279a91ae7b2d737ef0455e6d69c67c917defd7bfee81858d43f6d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd34162e8a91accabc4a28aa4fd7f5ee7a085d934fdf8f78dcfa38378c20f270
bd7bae1d36ffa1e910542f233582022bf7bfa9c9c313cc033e6f7fc322da57e9
c06dad8629705c39e74281b2b01e02a3f62b8d2b543b3970b9293c6e706ce1b0
c1131d6d98484c0e74b8852c8f4ba50926fa27f6c85fb6d326da22091a8a1f9a
c528907dcbf84fc70d2b5b05506695d3dcdaf327677aeb71194095fb22c9c6ec
c8d9e6e3ef6c6150c59d707d4a7f2d3b64ce148d93bf22c88de86671471c8132
ca8e57ec3ed2595abb3b64a95bbeec118ef3fae847e11071b1d22f5c99de0f8e
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb7d5e85b33db386c0baed2caa251913c16724908884bce34b7c9a9ec89f7510
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d6ce3851cd01c07c44e286dd874a4d7b10e0d5b27f5aebc48ee6fd48ae5b0331
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dc2a86777e91021d540a99efc69650a1e8864f048ab071961723900ec9029118
dee076e4dd2c0186f33f2d346169e2656303e32713951b9764b58de3814a396b
e02a866017333ce56a2e14fd0e21c4a5c55957e1e340ca9c07c5ac0d3fe17d76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0255dfa7ba4dc44005924403057d33632af575898f93a02530fd260fd507e48
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7
f1ad7f541337269a6a9d5ef95c31853c49bd2734162a65589eac30690eab1a7f
f27c3d82d99f657ce645b229624fc22622642901431ab8efb801f85ca382fa08
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e
fa6b96fc0c729315461c6a84f8984a7969962977a3b21055c5f18b0068c5f9bd
fb920c9b839d00bbf731a303dcb12dd62d577a62a61691cab49a0c788659781a
fd04f0f5e2e88de7e2dd96f35f6064aa59e93db3b517417831d003d5d0039011
fd6cdeb254f5369330b00aa8b40c774e600a8e303efa6f18503facbc0cb916bf
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

g2rl.com Open in urlscan Pro 34.174.47.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

185 Requests

90 %HTTPS

41 %IPv6

43 Domains

59 Subdomains

50 IPs

3 Countries

2112 kBTransfer

7097 kBSize

78 Cookies

4 Outgoing links

Page URL History

Redirected requests

185 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

g2rl.com Open in urlscan Pro
34.174.47.50 Public Scan

Screenshot
Live screenshot

Full Image

185
Requests

90 %
HTTPS

41 %
IPv6

43
Domains

59
Subdomains

50
IPs

3
Countries

2112 kB
Transfer

7097 kB
Size

78
Cookies

185 HTTP transactions
2 data transactions