www.theredmondcloud.com Open in urlscan Pro
104.196.38.237 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.theredmondcloud.com/
Submission Tags: @phishunt_io
Submission: On April 13 via api (April 13th 2021, 11:07:22 pm UTC) from ES

Summary HTTP 112 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 15 domains to perform 112 HTTP transactions. The main IP is 104.196.38.237, located in North Charleston, United States and belongs to GOOGLE, US. The main domain is www.theredmondcloud.com.
TLS certificate: Issued by R3 on March 9th 2021. Valid for: 3 months.

This is the only time www.theredmondcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.196.38.237 104.196.38.237	15169 (GOOGLE) (GOOGLE)
36	108.161.188.228 108.161.188.228	33438 (HIGHWINDS2) (HIGHWINDS2)
3	151.101.12.176 151.101.12.176	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a010	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.112.176 151.101.112.176	54113 (FASTLY) (FASTLY)
1	198.145.13.14 198.145.13.14	2044 (IINET-2044) (IINET-2044)
1	34.208.10.33 34.208.10.33	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2012	15169 (GOOGLE) (GOOGLE)
1	172.217.23.114 172.217.23.114	15169 (GOOGLE) (GOOGLE)
112	23

7 104.196.38.237 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 237.38.196.104.bc.googleusercontent.com

www.theredmondcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 108.161.188.228 (United States)

ASN33438 (HIGHWINDS2, US)

2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.12.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a010 (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.14 (United States)

ASN2044 (IINET-2044, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.208.10.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-10-33.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2012 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

p4-fws76svdt6oso-k2rqxjkbf73lssgf-698044-i1-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.114 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f18.1e100.net

p4-fws76svdt6oso-k2rqxjkbf73lssgf-698044-i2-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	netdna-ssl.com 2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com	445 KB
27	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	450 KB
12	doubleclick.net googleads.g.doubleclick.net	75 KB
10	gstatic.com fonts.gstatic.com p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com www.gstatic.com p4-fws76svdt6oso-k2rqxjkbf73lssgf-698044-i1-v6exp3.ds.metric.gstatic.com p4-fws76svdt6oso-k2rqxjkbf73lssgf-698044-i2-v6exp3.v4.metric.gstatic.com	104 KB
7	theredmondcloud.com www.theredmondcloud.com	1004 KB
4	googletagservices.com www.googletagservices.com	136 KB
4	stripe.com js.stripe.com m.stripe.com	56 KB
3	google.com 2 redirects adservice.google.com www.google.com	701 B
3	googleapis.com fonts.googleapis.com	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	getclicky.com static.getclicky.com in.getclicky.com	6 KB
1	stripe.network m.stripe.network	12 KB
1	google.de adservice.google.de	313 B
1	googleadservices.com partner.googleadservices.com	646 B
1	googletagmanager.com www.googletagmanager.com	38 KB
112	15

	Domain	Requested by
36	2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com	www.theredmondcloud.com 2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	www.theredmondcloud.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	www.theredmondcloud.com	www.theredmondcloud.com
5	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.googleapis.com	www.theredmondcloud.com googleads.g.doubleclick.net
3	js.stripe.com	www.theredmondcloud.com js.stripe.com
2	www.google.com	2 redirects
2	p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	p4-fws76svdt6oso-k2rqxjkbf73lssgf-698044-i2-v6exp3.v4.metric.gstatic.com
1	p4-fws76svdt6oso-k2rqxjkbf73lssgf-698044-i1-v6exp3.ds.metric.gstatic.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	m.stripe.com	m.stripe.network
1	in.getclicky.com	static.getclicky.com
1	m.stripe.network	js.stripe.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.theredmondcloud.com
1	static.getclicky.com	www.theredmondcloud.com
112	23

This site contains links to these domains. Also see Links.

Domain
www.windows10xnews.com
www.crypteligence.com

Subject Issuer	Validity	Valid
www.theredmondcloud.com R3	`2021-03-09` - `2021-06-07`	3 months	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-22` - `2022-03-18`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-01-19` - `2021-05-04`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2022-08-03`	2 years	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-20` - `2021-05-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.ds.metric.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.v4.metric.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.theredmondcloud.com/
Frame ID: 9ED92710EB942E4BC2595D55F22D79DF
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210412/r20190131/zrt_lookup.html
Frame ID: 830D9BDFC177E019245B183CCB5A3D6E
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
Frame ID: 54474ABEE505ED044FE759EC6C2EFE5C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=250&slotname=1762806521&adk=1736106897&adf=2093108174&pi=t.ma~as.1762806521&w=970&lmt=1618355224&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&wgl=1&dt=1618355224052&bpp=11&bdt=253&idt=110&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6544629059056&frm=20&pv=2&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nqxbXcghr1&p=https%3A//www.theredmondcloud.com&dtd=128
Frame ID: 1F98C3A93905B9BC37CAC0706CC4EB5E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=230&slotname=8142839743&adk=3722513838&adf=669419013&pi=t.ma~as.8142839743&w=801&lmt=1618355224&rafmt=11&psa=0&format=801x230&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&wgl=1&dt=1618355224064&bpp=2&bdt=265&idt=128&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vBgSoDRSYD&p=https%3A//www.theredmondcloud.com&dtd=131
Frame ID: BD9CDCCAD4189CAEEB7C2B6E3B4036C5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=250&slotname=7003477533&adk=942042031&adf=928543991&pi=t.ma~as.7003477533&w=305&fwrn=4&fwrnh=100&lmt=1618355224&rafmt=1&psa=0&format=305x250&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618355224066&bpp=3&bdt=268&idt=133&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C801x230&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1055&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9W89fhsyw2&p=https%3A//www.theredmondcloud.com&dtd=136
Frame ID: 2974269A872B32E345E0373EB9888AF5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&adk=318159125&adf=2184669829&lmt=1618355224&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1618355224099&bpp=1&bdt=300&idt=108&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C801x230%2C305x250&nras=1&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=113
Frame ID: 39BE9659834B6561F12777936368F1A0
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 5938795BC4C83287D9A0EE51AEDB09EE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7F1926100CA315937E1705FE306A32EB
Requests: 2 HTTP requests in this frame

Frame: https://p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 06153949BABBA7AC77EBF14097E8687E
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: DBD91988C68CF3812DA6935C2D85A0DA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js
Frame ID: E0C0B2306622A5B0BF811DE78B81B7AD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js
Frame ID: B55166835CD717D3E005884E19B01762
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js
Frame ID: 40F475B3C89FCDF771610032587D920D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F370C166BC19F3514034DE6C6288D252
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

112
Requests

100 %
HTTPS

63 %
IPv6

15
Domains

23
Subdomains

23
IPs

2
Countries

2348 kB
Transfer

4241 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.windows10xnews.com/
Title: Windows 10x news

Search URL Search Domain Scan URL

URL: https://www.crypteligence.com/
Title: Cryptocurrency News

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 90

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

112 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.theredmondcloud.com/ 159 KB
33 KB 373ms
136ms Document
text/html 104.196.38.237
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theredmondcloud.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.196.38.237 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

237.38.196.104.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

4703b5a2f2f37247e92d3e29075208387813a64c2c67f8cc99d5e2881d640754

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:method: GET
:authority: www.theredmondcloud.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Tue, 13 Apr 2021 23:07:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
content-security-policy: upgrade-insecure-requests
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
link: <https://www.theredmondcloud.com/wp-json/>; rel="https://api.w.org/"
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 2
x-cache-group: normal
content-encoding: br

GET
H2 200 style.min.css
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/ 50 KB
8 KB 87ms
22ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 16:09:25 GMT
server: NetDNA-cache/2.2
etag: W/"603d11b5-c88a"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bbpress.min.css
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/bbpress/templates/default/css/ 29 KB
5 KB 88ms
24ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 481bfa4292798eb15d056ff461dc1e90bbe9795fd99299b59c02970a0e710207

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 16:42:38 GMT
server: NetDNA-cache/2.2
etag: W/"5fa9717e-75bd"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 edd.min.css
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/easy-digital-downloads/templates/ 19 KB
4 KB 94ms
30ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/easy-digital-downloads/templates/edd.min.css
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2813932abb93f10a530d90a7577873f127b8ebceb47d72f8523da0cacab917f4

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Sun, 04 Oct 2020 17:29:25 GMT
server: NetDNA-cache/2.2
etag: W/"5f7a0675-4d8f"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/social-warfare/assets/css/ 85 KB
11 KB 100ms
36ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/social-warfare/assets/css/style.min.css
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5820216486981914837a6b4f07dc46f6969a726d301a867b6043b149fab43ec7

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 20:38:24 GMT
server: NetDNA-cache/2.2
etag: W/"5fd28740-155ed"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wpp.css
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 1 KB
791 B 100ms
37ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4dc9c239931effb2183adb19e90f60c5cc009ddca45024fc7325d82e3c08d40c

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Mon, 31 Aug 2020 18:35:47 GMT
server: NetDNA-cache/2.2
etag: W/"5f4d4303-5e5"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/ 53 KB
11 KB 104ms
41ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/style.css
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5ed40c0627a5ef21689421b3a27a4cf1012fb77c8850c22ac224c1c3e92417d0

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:58:23 GMT
server: NetDNA-cache/2.2
etag: W/"5e6c1e1f-d54c"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 magnific-popup.css
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/css/ 6 KB
2 KB 108ms
45ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/css/magnific-popup.css
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: c207bd82a7804c83a03365145221aa699e09a034b14e34a5ee4cd83b09101006

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:58:23 GMT
server: NetDNA-cache/2.2
etag: W/"5e6c1e1f-1714"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 font-awesome.min.css
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/css/ 26 KB
6 KB 107ms
45ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/css/font-awesome.min.css
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7060a345165365aecc9b61f4d184318876c3bd1f7ff90d54f5b8bb1ef2c1e30c

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:58:23 GMT
server: NetDNA-cache/2.2
etag: W/"5e6c1e1f-6826"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 responsive.css
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/css/ 12 KB
3 KB 108ms
46ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/css/responsive.css
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 97054540a430d31194e4f5559caaee654aa693c169253dc680133247ec157482

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:58:23 GMT
server: NetDNA-cache/2.2
etag: W/"5e6c1e1f-2e87"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 smartslider.min.css
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Application/Frontend/Assets/dist/ 23 KB
4 KB 104ms
42ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/nextend-smart-slider3-pro/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=a96b01e9
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 33e484423ef906a2b9ba964682e174bb252c3fed27676461a686dd2e21834c68

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 16:09:46 GMT
server: NetDNA-cache/2.2
etag: W/"603d11ca-5c8c"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ 87 KB
31 KB 112ms
51ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: NetDNA-cache/2.2
etag: W/"5f7dedd5-15d98"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ 11 KB
4 KB 109ms
47ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 09:31:13 GMT
server: NetDNA-cache/2.2
etag: W/"5fb63b61-2bd8"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wpp.min.js Show response
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
1 KB 108ms
47ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Mon, 31 Aug 2020 18:35:47 GMT
server: NetDNA-cache/2.2
etag: W/"5f4d4303-a3a"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 customscript.js Show response
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/js/ 8 KB
3 KB 23ms
19ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/js/customscript.js
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: aea051e0c9f1773af8ad11912ca04c1b2ec6ff83011d3cd894be655f2cbec445

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:58:23 GMT
server: NetDNA-cache/2.2
etag: W/"5e6c1e1f-20c8"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 / Show response
js.stripe.com/v3/ 223 KB
53 KB 29ms
28ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

20ca6860d6089c3a34adda462894781d12feed8f309032579794f8600150fdea

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: br
vary: Accept-Encoding
age: 124
via: 1.1 varnish
x-cache: HIT
content-length: 53918
x-amz-id-2: 2CUJNTqo8yx4WlNE2T0vf1ts0ol/wJHWyyV2EVNznlbjsGvADZg6SddrjvyqN3C2gj0F3wUmsP0=
x-served-by: cache-fra19139-FRA
timing-allow-origin: *
last-modified: Tue, 13 Apr 2021 18:21:43 GMT
server: AmazonS3
etag: "442106091c15f621443eaf76757d4021"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: DTQWFV81VRJCYTG2
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 2

GET
H2 200 css
fonts.googleapis.com/ 2 KB
633 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700&subset=latin

Requested by

Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ffe7c3d559780b916266217b3683f10a7edbc655d5e11149a36e6f74af8fc68f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 21:32:55 GMT
server: ESF
date: Tue, 13 Apr 2021 23:07:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Apr 2021 23:07:03 GMT

GET
H2 200 9dea91411573e6198791926ade13193e.js Show response
www.theredmondcloud.com/wp-content/cache/nextend/web/combined/ 467 KB
131 KB 147ms
143ms Script
application/javascript 104.196.38.237
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.theredmondcloud.com/wp-content/cache/nextend/web/combined/9dea91411573e6198791926ade13193e.js
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.38.237 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 237.38.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: cea7cfde089438b5395a868096511840b97ef43ce47ac500e1b3176965bfbf15

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
content-encoding: br
last-modified: Mon, 01 Mar 2021 16:11:32 GMT
server: nginx
etag: W/"603d1234-74bd9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 trclogov2.png
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/2020/03/ 38 KB
39 KB 25ms
21ms Image
image/png 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/2020/03/trclogov2.png
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2360f334f39b398c05a9aad6a8398afc785ec2a83734937a39f2d31e33b7ac2d

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
last-modified: Fri, 13 Mar 2020 23:55:19 GMT
server: NetDNA-cache/2.2
etag: "5e6c1d67-9956"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 39254

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

452299bf973d96a1602d92ae67d7b7f16fc74ada4032467ecb96881fdb776b9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48496
x-xss-protection: 0
server: cafe
etag: 14493341862605126176
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 23:07:03 GMT

GET
H2 200 /
www.theredmondcloud.com/windows-10-build-21354-moves-paint-to-the-store/ 0
28 KB 286ms
283ms Other
text/html 104.196.38.237
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theredmondcloud.com/windows-10-build-21354-moves-paint-to-the-store/

Requested by

Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.196.38.237 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

237.38.196.104.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-pingback: https://www.theredmondcloud.com/xmlrpc.php
pragma: no-cache
date: Tue, 13 Apr 2021 23:07:04 GMT
content-encoding: br
x-cacheable: SHORT
server: nginx
x-powered-by: WP Engine
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-cache: HIT: 1
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=600, must-revalidate
content-security-policy: upgrade-insecure-requests
link: <https://www.theredmondcloud.com/wp-json/>; rel="https://api.w.org/", <https://www.theredmondcloud.com/wp-json/wp/v2/posts/87479>; rel="alternate"; type="application/json", <https://www.theredmondcloud.com/?p=87479>; rel=shortlink
x-cache-group: normal

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 31ms
12ms Script
text/javascript 2606:4700::6810:a010
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c29235c7537fb21c1de7b20aec0870b95532cdc39b60a00d45a72c2a7fb2376

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 361496
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-ray: 63f85935cfa54edf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-proxy-cache: HIT
cf-request-id: 096f16159d00004edfdb280000000001
expires: Tue, 20 Apr 2021 23:07:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 33ms
30ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-130229313-1

Requested by

Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20a8b54626d37aa740978e5136dfa8df0865c34e1277a5c57746baf0f24517f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39120
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 22:07:30 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Apr 2021 23:07:03 GMT

GET
H2 200 edd-ajax.min.js Show response
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/easy-digital-downloads/assets/js/ 11 KB
3 KB 19ms
19ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/easy-digital-downloads/assets/js/edd-ajax.min.js
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: df60a44a912c6e77c0a7b906b37ceac33498487a641b89520ddbf98dd6557cdb

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Sun, 04 Oct 2020 17:29:25 GMT
server: NetDNA-cache/2.2
etag: W/"5f7a0675-2ad0"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 script.min.js Show response
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/social-warfare/assets/js/ 17 KB
5 KB 20ms
19ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/social-warfare/assets/js/script.min.js
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 244de6960388f992e43c07685dd8c7ca1ee4424d85874a72036f2f8e692bbd7b

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Thu, 10 Dec 2020 20:38:24 GMT
server: NetDNA-cache/2.2
etag: W/"5fd28740-4426"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.js Show response
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ 3 KB
2 KB 23ms
18ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9a8d4f55a83aa4e1f884930f204914da68bd3f34cb4a66b8337b032f2ebabafc

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 15:53:17 GMT
server: NetDNA-cache/2.2
etag: W/"6041026d-b69"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-includes/js/ 1 KB
1016 B 23ms
18ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-includes/js/wp-embed.min.js
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 16:09:25 GMT
server: NetDNA-cache/2.2
etag: W/"603d11b5-592"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.magnific-popup.min.js Show response
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/js/ 21 KB
8 KB 27ms
24ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/js/jquery.magnific-popup.min.js
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: c5e507cdd056c590258573b14fed0c8232ca65e2ebf4712cc19f30333295d3a4

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:58:23 GMT
server: NetDNA-cache/2.2
etag: W/"5e6c1e1f-538c"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 sticky.js Show response
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/js/ 3 KB
1 KB 27ms
25ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/js/sticky.js
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 713d74f1be4a1d106569bed12251797f9a2ff5aacd70457e5f2539085da3b9c2

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:58:23 GMT
server: NetDNA-cache/2.2
etag: W/"5e6c1e1f-b7c"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 layzr.min.js Show response
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/js/ 3 KB
1 KB 27ms
25ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/js/layzr.min.js
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1ea0d8246003aac1525f0bb5faa6289a8bb109a12eff74a6d9a03d9bdecfd393

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:58:23 GMT
server: NetDNA-cache/2.2
etag: W/"5e6c1e1f-c44"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ajax.js Show response
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/js/ 21 KB
6 KB 27ms
25ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/js/ajax.js
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 634d16acdf3bf6bc5dcaea163bf6812a1940ef8c0532cd853d5d8fb2e64e849b

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:03 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:58:23 GMT
server: NetDNA-cache/2.2
etag: W/"5e6c1e1f-5373"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 fontawesome-webfont.woff2
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/fonts/ 63 KB
63 KB 57ms
18ms Font
font/woff2 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/fonts/fontawesome-webfont.woff2
Requested by: Host: 2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com
URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Origin: https://www.theredmondcloud.com
Referer: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/themes/mts_authority/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Fri, 13 Mar 2020 23:58:23 GMT
server: NetDNA-cache/2.2
etag: "5e6c1e1f-fbd0"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 64464

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.theredmondcloud.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 21:15:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 93074
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Tue, 12 Apr 2022 21:15:49 GMT

GET
H2 200 windows_10_wallpaper_light-200x200.jpg
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/2021/03/ 11 KB
11 KB 19ms
19ms Image
image/jpeg 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/2021/03/windows_10_wallpaper_light-200x200.jpg
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 64a75b34d51e75a9d0f61d281ad06421202c30f06c1a2339d7a2347ddcb84f3e

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Wed, 17 Mar 2021 23:22:51 GMT
server: NetDNA-cache/2.2
etag: "60528f4b-2b58"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 11096

GET
H2 200 microsoft_build-200x200.png
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/ 41 KB
41 KB 21ms
20ms Image
image/png 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/microsoft_build-200x200.png
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0f174ddc83a9dcca56c451c576229ece9eefbb801889f9196f4e5ac243239ae2

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Wed, 07 Apr 2021 11:28:22 GMT
server: NetDNA-cache/2.2
etag: "606d9756-a3c6"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 41926

GET
H2 200 azure-200x200.png
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/ 56 KB
57 KB 26ms
25ms Image
image/png 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/azure-200x200.png
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0bb28d10bb7d897850b85fa634fffdeb90460d70a136d06e686c2ee64a9f33b3

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Wed, 07 Apr 2021 11:28:10 GMT
server: NetDNA-cache/2.2
etag: "606d974a-e1bb"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 57787

GET
H2 200 windows_10_mail_app_concept-200x200.png
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/ 21 KB
21 KB 20ms
19ms Image
image/png 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/windows_10_mail_app_concept-200x200.png
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7ac3275a0e2bdc1b6aafa03edeca0c12d03cdc943c20f785b139069317b8d147

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Mon, 05 Apr 2021 18:08:16 GMT
server: NetDNA-cache/2.2
etag: "606b5210-531b"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 21275

GET
H2 200 windows_10_wallpaper_gray-200x200.png
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/ 11 KB
11 KB 21ms
21ms Image
image/png 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/windows_10_wallpaper_gray-200x200.png
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9c81c186462a0ddff9d9cef0552891818e264148450fe68c99c550617df77a97

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Mon, 05 Apr 2021 18:03:55 GMT
server: NetDNA-cache/2.2
etag: "606b510b-2c23"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 11299

GET
H2 200 windows_10_drivers-200x200.jpg
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/ 17 KB
17 KB 24ms
23ms Image
image/jpeg 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/windows_10_drivers-200x200.jpg
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5ef04a0233bfa27032d084a46b9472354511b0f9cfe9cf7d417121f4ec64e4c3

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Mon, 05 Apr 2021 18:02:19 GMT
server: NetDNA-cache/2.2
etag: "606b50ab-4217"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16919

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210412/r20190131/ 222 KB
83 KB 56ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210412/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735085123720819&plah=www.theredmondcloud.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8b0d2ee262785fb4bfb4e4717d4e5cf7536e52f0821c091dc84f10b42e69df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84808
x-xss-protection: 0
server: cafe
etag: 12939789125640300468
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 23:07:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210412/r20190131/ Frame 830D 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210412/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210412/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theredmondcloud.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theredmondcloud.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 13 Apr 2021 17:54:56 GMT
expires: Tue, 27 Apr 2021 17:54:56 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 18728
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 m-outer-0cba8a995d163797499ab006bbb6b889.html Show response
js.stripe.com/v3/ Frame 5447 215 B
617 B 29ms
28ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theredmondcloud.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theredmondcloud.com/

Response headers

x-amz-id-2: agiZD3goppij1vHb5F6pWexjWf7M1/HNRlEcfJLXRsj5UNaBCHLoOgV/HJfINtDb+vVIfsntFDc=
x-amz-request-id: J7JDKG3YX1YYQN7K
last-modified: Tue, 09 Mar 2021 20:21:15 GMT
etag: "0cba8a995d163797499ab006bbb6b889"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
accept-ranges: bytes
date: Tue, 13 Apr 2021 23:07:04 GMT
via: 1.1 varnish
age: 128
x-served-by: cache-fra19139-FRA
x-cache: HIT
x-cache-hits: 94
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 215

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d902639ff159c291e4c4e266f3b64fd3b3ed236477a5a6479aafda8a4253fbab

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 85328-featured-75x75.jpg
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/wordpress-popular-posts/ 12 KB
12 KB 20ms
19ms Image
image/jpeg 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/wordpress-popular-posts/85328-featured-75x75.jpg
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9bd8e86326e4ea0220a64f4b71c334ca8384d4ffe0754412132f9f5a07ff7a9c

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Fri, 01 Jan 2021 02:38:49 GMT
server: NetDNA-cache/2.2
etag: "5fee8b39-30de"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 12510

GET
H2 200 84305-featured-75x75.jpg
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/wordpress-popular-posts/ 21 KB
22 KB 22ms
20ms Image
image/jpeg 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/wordpress-popular-posts/84305-featured-75x75.jpg
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: c457b8777f88e46f624630253cd95b1ceddd445ec43236751aa723e97788d354

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Wed, 15 Apr 2020 17:58:13 GMT
server: NetDNA-cache/2.2
etag: "5e974b35-553d"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 21821

GET
H2 200 86039-featured-75x75.jpg
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/wordpress-popular-posts/ 12 KB
12 KB 24ms
22ms Image
image/jpeg 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/wordpress-popular-posts/86039-featured-75x75.jpg
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4d999110be8b0ac267282cceeaa57be64ee879f54e39e0ce3d776e0c589f7ba7

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Mon, 27 Jul 2020 13:10:25 GMT
server: NetDNA-cache/2.2
etag: "5f1ed241-3046"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 12358

GET
H2 200 no_thumb.jpg
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/wordpress-popular-posts/assets/images/ 2 KB
3 KB 24ms
23ms Image
image/jpeg 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/plugins/wordpress-popular-posts/assets/images/no_thumb.jpg
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ec2b74ad32b648473333db6a8ea99c4c5ca8012a9ad9d30696fca840791f5bab

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Mon, 31 Aug 2020 18:35:47 GMT
server: NetDNA-cache/2.2
etag: "5f4d4303-974"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2420

GET
H2 200 85384-featured-75x75.jpg
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/wordpress-popular-posts/ 2 KB
2 KB 24ms
23ms Image
image/jpeg 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/wordpress-popular-posts/85384-featured-75x75.jpg
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8b3a13a285d5cba35918ef8442b9e814f429b18099b3bcf761903627646374de

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Thu, 28 May 2020 01:46:27 GMT
server: NetDNA-cache/2.2
etag: "5ecf17f3-6c8"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1736

GET
H2 200 84746-featured-75x75.jpg
2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/wordpress-popular-posts/ 11 KB
12 KB 24ms
23ms Image
image/jpeg 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-content/uploads/wordpress-popular-posts/84746-featured-75x75.jpg
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: c7464aacb85cee0b0e538f1bb2e7c43ff37bab24288eed484e8aa69c48d47c27

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Wed, 03 Feb 2021 08:00:08 GMT
server: NetDNA-cache/2.2
etag: "601a5808-2d7c"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 11644

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-130229313-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 830
date: Tue, 13 Apr 2021 22:53:14 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Wed, 14 Apr 2021 00:53:14 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
646 B 110ms
57ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.theredmondcloud.com&callback=_gfp_s_&client=ca-pub-9735085123720819

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210412/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735085123720819&plah=www.theredmondcloud.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

224b55233ae7e7d0bc166237c4c32e32f72da47ceb28a4531491782798514bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 15ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.theredmondcloud.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 23:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theredmondcloud.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 23:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F98 69 KB
23 KB 681ms
668ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=250&slotname=1762806521&adk=1736106897&adf=2093108174&pi=t.ma~as.1762806521&w=970&lmt=1618355224&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&wgl=1&dt=1618355224052&bpp=11&bdt=253&idt=110&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6544629059056&frm=20&pv=2&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nqxbXcghr1&p=https%3A//www.theredmondcloud.com&dtd=128

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8acf22af53908453fd0138b9826406679d5cb670241f67864810a23d66b6f924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9735085123720819&output=html&h=250&slotname=1762806521&adk=1736106897&adf=2093108174&pi=t.ma~as.1762806521&w=970&lmt=1618355224&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&wgl=1&dt=1618355224052&bpp=11&bdt=253&idt=110&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6544629059056&frm=20&pv=2&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nqxbXcghr1&p=https%3A//www.theredmondcloud.com&dtd=128
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theredmondcloud.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theredmondcloud.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 13 Apr 2021 23:07:04 GMT
server: cafe
content-length: 23530
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Apr-2021 23:22:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 23:07:04 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84f7f99e22a2d9e8afaadb5c6d7a6e0ef11e672ac4c49b35e288bc1a150564b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253580951442"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Tue, 13 Apr 2021 23:07:04 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BD9C 68 KB
25 KB 351ms
351ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=230&slotname=8142839743&adk=3722513838&adf=669419013&pi=t.ma~as.8142839743&w=801&lmt=1618355224&rafmt=11&psa=0&format=801x230&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&wgl=1&dt=1618355224064&bpp=2&bdt=265&idt=128&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vBgSoDRSYD&p=https%3A//www.theredmondcloud.com&dtd=131

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a62c5acae3f0154078dc161d5fa42af8e978733ae856871744a157126f7c9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9735085123720819&output=html&h=230&slotname=8142839743&adk=3722513838&adf=669419013&pi=t.ma~as.8142839743&w=801&lmt=1618355224&rafmt=11&psa=0&format=801x230&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&wgl=1&dt=1618355224064&bpp=2&bdt=265&idt=128&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vBgSoDRSYD&p=https%3A//www.theredmondcloud.com&dtd=131
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theredmondcloud.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theredmondcloud.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 13 Apr 2021 23:07:04 GMT
server: cafe
content-length: 25433
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Apr-2021 23:22:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 23:07:04 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2974 57 KB
21 KB 517ms
516ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=250&slotname=7003477533&adk=942042031&adf=928543991&pi=t.ma~as.7003477533&w=305&fwrn=4&fwrnh=100&lmt=1618355224&rafmt=1&psa=0&format=305x250&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618355224066&bpp=3&bdt=268&idt=133&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C801x230&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1055&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9W89fhsyw2&p=https%3A//www.theredmondcloud.com&dtd=136

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c18bdaadde09ddabb38917587b893fc5be72e11f80136a59f5cdfc760cc3968b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9735085123720819&output=html&h=250&slotname=7003477533&adk=942042031&adf=928543991&pi=t.ma~as.7003477533&w=305&fwrn=4&fwrnh=100&lmt=1618355224&rafmt=1&psa=0&format=305x250&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618355224066&bpp=3&bdt=268&idt=133&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C801x230&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1055&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9W89fhsyw2&p=https%3A//www.theredmondcloud.com&dtd=136
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theredmondcloud.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theredmondcloud.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 13 Apr 2021 23:07:04 GMT
server: cafe
content-length: 21695
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Apr-2021 23:22:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 23:07:04 GMT
cache-control: private

GET
H2 200 m-outer-a7fed991536d116dae496abb616e06f8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5447 1 KB
2 KB 28ms
28ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
via: 1.1 varnish
vary: Accept-Encoding
age: 114
x-cache: HIT
content-length: 1438
x-amz-id-2: 7nG+ZbFcvr5Silm+ckOryNC5KWo2caayU+jDrDZ/AlgxF2yYz86bRFuhUoz7daBdFIEypo8ztcA=
x-served-by: cache-fra19139-FRA
timing-allow-origin: *
last-modified: Tue, 09 Mar 2021 20:21:16 GMT
server: AmazonS3
etag: "356a16407e7a019ffdf35f454b7438a9"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 5EWN6ZFCMGABM84P
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 83

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 39BE 54 B
596 B 66ms
66ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&adk=318159125&adf=2184669829&lmt=1618355224&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1618355224099&bpp=1&bdt=300&idt=108&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C801x230%2C305x250&nras=1&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=113

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9735085123720819&output=html&adk=318159125&adf=2184669829&lmt=1618355224&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1618355224099&bpp=1&bdt=300&idt=108&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C801x230%2C305x250&nras=1&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=113
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theredmondcloud.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theredmondcloud.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 13 Apr 2021 23:07:04 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Apr-2021 23:22:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 23:07:04 GMT
cache-control: private

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
73 B 13ms
12ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=2144310203&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theredmondcloud.com%2F&ul=en-us&de=UTF-8&dt=The%20Redmond%20Cloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=1560178660&gjid=1101761280&cid=114515015.1618355224&tid=UA-130229313-1&_gid=288145071.1618355224&_r=1&gtm=2ou3v0&z=891437665

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 23:07:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theredmondcloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 5938 33 KB
12 KB 22ms
21ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

server: nginx
content-type: text/html; charset=utf-8
last-modified: Fri, 04 Dec 2020 19:17:49 GMT
etag: W/"5fca8b5d-84a0"
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: public, max-age=300
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Apr 2021 23:07:04 GMT
age: 43
x-served-by: cache-sea4438-SEA, cache-hhn4071-HHN
x-cache: HIT, HIT
x-cache-hits: 2, 28
x-timer: S1618355224.272679,VS0,VE0
vary: Accept-Encoding
content-length: 12226

GET
H3-Q050 200 css
fonts.googleapis.com/ 4 KB
686 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400&subset=latin

Requested by

Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/wp-content/cache/nextend/web/combined/9dea91411573e6198791926ade13193e.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7f8fb3de1908cf50ce35acee4c5932760e17fba860ec7c2a591ea5dcffa306d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 21:35:47 GMT
server: ESF
date: Tue, 13 Apr 2021 23:07:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Apr 2021 23:07:04 GMT

GET
H2 200 windows_10_wallpaper_light.jpg
www.theredmondcloud.com/wp-content/uploads/2021/03/ 49 KB
49 KB 117ms
117ms Image
image/jpeg 104.196.38.237
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theredmondcloud.com/wp-content/uploads/2021/03/windows_10_wallpaper_light.jpg
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.38.237 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 237.38.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 743ff50a70730b41ec4d787a6dccdf5aecdcfa833a7e2c6580853b08ee76f0f5

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Wed, 17 Mar 2021 23:22:51 GMT
server: nginx
etag: "60528f4b-c4d1"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 50385

GET
H2 200 microsoft_build.png
www.theredmondcloud.com/wp-content/uploads/2021/04/ 222 KB
222 KB 137ms
137ms Image
image/png 104.196.38.237
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theredmondcloud.com/wp-content/uploads/2021/04/microsoft_build.png
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.38.237 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 237.38.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ba3e36ed3e75e98807e60bdea73a432f9ca3a378bc5aa05d172c652c914cb6a3

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Wed, 07 Apr 2021 11:28:22 GMT
server: nginx
etag: "606d9756-37812"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 227346

GET
H2 200 azure.png
www.theredmondcloud.com/wp-content/uploads/2021/04/ 392 KB
392 KB 216ms
216ms Image
image/png 104.196.38.237
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theredmondcloud.com/wp-content/uploads/2021/04/azure.png
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.38.237 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 237.38.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 09ed0b90792b75d8acc15108636675816729ee30934872b430658e9e26f6cae3

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Wed, 07 Apr 2021 11:28:09 GMT
server: nginx
etag: "606d9749-61f14"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 401172

GET
H2 200 windows_10_mail_app_concept.png
www.theredmondcloud.com/wp-content/uploads/2021/04/ 147 KB
147 KB 216ms
216ms Image
image/png 104.196.38.237
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theredmondcloud.com/wp-content/uploads/2021/04/windows_10_mail_app_concept.png
Requested by: Host: www.theredmondcloud.com
URL: https://www.theredmondcloud.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.38.237 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 237.38.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6eac077a4a36705fc8ec26b3971ce365db5ee9e8a918af4046aa69532c9298f7

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
last-modified: Mon, 05 Apr 2021 18:08:15 GMT
server: nginx
etag: "606b520f-24b3a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 150330

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400&subset=latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.theredmondcloud.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 93104
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 12 Apr 2022 21:15:20 GMT

GET
H2 200 in.php Show response
in.getclicky.com/ 63 B
372 B 461ms
151ms Script
text/javascript 198.145.13.14
IINET-2044

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101149967&type=pageview&href=%2F&title=The%20Redmond%20Cloud&res=1600x1200&lang=en&jsuid=2172916864&mime=js&x=0.15981497466057792
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.14 , United States, ASN2044 (IINET-2044, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: 6818805bc47983a1db488f9490a8b8ade9414c98c02757b6511b0b93fa591268

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400&subset=latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.theredmondcloud.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 21:15:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 93075
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Tue, 12 Apr 2022 21:15:49 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 5938 156 B
516 B 190ms
190ms XHR
text/plain 34.208.10.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.208.10.33 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-10-33.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d70a07176cf716e4361f44f8c5d950c8f0059b665b52df3ae8375e8bee99d375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H2 200 790660989856313192
tpc.googlesyndication.com/simgad/ Frame BD9C 142 KB
142 KB 30ms
12ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/790660989856313192?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk05wx62Jxn3stsF7CEU_-WcTh4vQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=230&slotname=8142839743&adk=3722513838&adf=669419013&pi=t.ma~as.8142839743&w=801&lmt=1618355224&rafmt=11&psa=0&format=801x230&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&wgl=1&dt=1618355224064&bpp=2&bdt=265&idt=128&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vBgSoDRSYD&p=https%3A//www.theredmondcloud.com&dtd=131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d684419930a30bc7345d8fa3bd2d41352596df22ec2e03c19440b1fff2428853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 21:45:50 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 13:33:05 GMT
server: sffe
age: 177674
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145400
x-xss-protection: 0
expires: Mon, 11 Apr 2022 21:45:50 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/ Frame BD9C 17 KB
7 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7469bb0c9cf9988f08f24ddadaa9c46a4b49028ed56a7a8a3446bea69401cd79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 22:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 8830192366576089018
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 22:52:42 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame BD9C 2 KB
1 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 22:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 22:50:42 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD9C 118 KB
36 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253573924606"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36714
x-xss-protection: 0
expires: Tue, 13 Apr 2021 23:07:04 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame BD9C 13 KB
6 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 22:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 22:51:44 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame BD9C 25 KB
10 KB 42ms
26ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 17:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10490
x-xss-protection: 0
server: cafe
etag: 4192951226220979311
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 17:54:24 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame BD9C 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Co8ATGCR2YKTQDc_4gQeK0Y7QC6vXqplip7KGyagNv7zE2JQOEAEgqOD4AWCVAqAB8vvT3wPIAQKpAloaIfg4DbQ-qAMByAPJBKoEyQFP0BrsLdljphR5h16KEZxps0dSQ2a1MrkEE379m-57z6b4mHXPKX-Zyl2mN14hn9qZ8ePiHgC7oxs0zGXLlaUGNz2aJeP2YjG1-Dheiu7wvAUoTMd6mg5bsAOZ45sm-hakEUUV-3VUhcBTiKy-Lzvp9s579ACO-y-xGEyxMYZMskrNGqE1H7MX6UKGvWCrz6j_-mMtqlPhW7Ocoy2Dya_x4wL8zG9aAa6C6iQNweKuRGMjPKEhwl3VqLfiIUGO9goqr9TQoJYIXJPABJun9ef2ApIFBAgEGAGSBQQIBRgEoAYCgAfZ5bImqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMive9IICQiA4YAQEAEYH4AKAcgLAdgTDZgWAbIXGgoYCAASFHB1Yi05NzM1MDg1MTIzNzIwODE5&sigh=MFXyQOglExo

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=230&slotname=8142839743&adk=3722513838&adf=669419013&pi=t.ma~as.8142839743&w=801&lmt=1618355224&rafmt=11&psa=0&format=801x230&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&wgl=1&dt=1618355224064&bpp=2&bdt=265&idt=128&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vBgSoDRSYD&p=https%3A//www.theredmondcloud.com&dtd=131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 13 Apr 2021 23:07:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Apr 2021 23:07:04 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7F19 143 B
220 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=230&slotname=8142839743&adk=3722513838&adf=669419013&pi=t.ma~as.8142839743&w=801&lmt=1618355224&rafmt=11&psa=0&format=801x230&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&wgl=1&dt=1618355224064&bpp=2&bdt=265&idt=128&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vBgSoDRSYD&p=https%3A//www.theredmondcloud.com&dtd=131
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkSeUcXBNeO8GNNWMrxRZHfqBamjBn7pQq8k1YQnYXqZsbs4oWJYm-uABsbm3s
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=230&slotname=8142839743&adk=3722513838&adf=669419013&pi=t.ma~as.8142839743&w=801&lmt=1618355224&rafmt=11&psa=0&format=801x230&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&wgl=1&dt=1618355224064&bpp=2&bdt=265&idt=128&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1521&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vBgSoDRSYD&p=https%3A//www.theredmondcloud.com&dtd=131

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 13 Apr 2021 22:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1538
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 0615 247 B
788 B 111ms
31ms Document
text/html 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

94b034848ecc7087c7deee7bb64e11849e449605c680bed3df00002652ccfe43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-czVTr9tIavL9c9P4KCzv9Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 203
date: Tue, 13 Apr 2021 23:07:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7F19
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

14ms
14ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkSeUcXBNeO8GNNWMrxRZHfqBamjBn7pQq8k1YQnYXqZsbs4oWJYm-uABsbm3s
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 13 Apr 2021 23:07:04 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 14-Apr-2021 00:07:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 23:07:04 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 13 Apr 2021 23:07:04 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame BD9C 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d8544fa8c182ab15ea8e28a80700170d99b778ec906d35fbfe1ba2736ea2c49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 iframe.html Show response
p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 0615 7 KB
3 KB 75ms
44ms Document
text/html 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

b4fb7c4d0220486b17c6d4c85298ccd502efe12f6016b909728dd97e0f481ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-DyF8l25VORtw7FGtHpfUig' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 2425
date: Tue, 13 Apr 2021 23:07:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 25 Feb 2021 15:45:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 10575982942070148908
tpc.googlesyndication.com/simgad/ Frame 2974 51 KB
51 KB 36ms
23ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10575982942070148908?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkvaajxbmqWDNmR51_G4CfaK3t-kA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=250&slotname=7003477533&adk=942042031&adf=928543991&pi=t.ma~as.7003477533&w=305&fwrn=4&fwrnh=100&lmt=1618355224&rafmt=1&psa=0&format=305x250&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618355224066&bpp=3&bdt=268&idt=133&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C801x230&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1055&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9W89fhsyw2&p=https%3A//www.theredmondcloud.com&dtd=136

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c47c310c0a2200f97030971c6813652258d52406a4bc36fb4d191b20c50601c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 21:45:47 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 13:33:05 GMT
server: sffe
age: 177677
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52137
x-xss-protection: 0
expires: Mon, 11 Apr 2022 21:45:47 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/ Frame 2974 17 KB
7 KB 32ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7469bb0c9cf9988f08f24ddadaa9c46a4b49028ed56a7a8a3446bea69401cd79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 22:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 8830192366576089018
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 22:52:42 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame 2974 2 KB
1 KB 30ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 22:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 22:50:42 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2974 118 KB
36 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253573924606"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36714
x-xss-protection: 0
expires: Tue, 13 Apr 2021 23:07:04 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame 2974 13 KB
6 KB 31ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 22:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 22:51:44 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame 2974 25 KB
10 KB 31ms
22ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 17:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10490
x-xss-protection: 0
server: cafe
etag: 4192951226220979311
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 17:54:24 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2974 0
0 16ms
16ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_wzlGCR2YMHVDdbPgAeulJfACKvXqpli37CGyagNv7zE2JQOEAEgqOD4AWCVAqAB8vvT3wPIAQKpAloaIfg4DbQ-qAMByAPJBKoEwwFP0CivSOr2Z_NorxQgw57SyGrocSTzTM1ZtltgP-x4wJrolTxRLCsFU7NsxfQiwblaWOgf4RnVLOuZ2rtABbWZM6UPLc2ylxZNK5ylt919vSjaDov_ope08swtl9g9opa7BrSJa4GmZnq36MQJvnQKEQBVuAY6epSpG1YuUU3u6LOxI5qIU2pLTRR8z-5bwaAr3Xu5X6qD2nslJWor3V1GC73--yGzxugqar4sleMurt3MhvIomjnunEL6pffFvRy7cgfABJun9ef2ApIFBAgEGAGSBQQIBRgEoAYCgAfZ5bImqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEKz6OdIICQiA4YAQEAEYH4AKAcgLAdgTDZgWAbIXGgoYCAASFHB1Yi05NzM1MDg1MTIzNzIwODE5&sigh=kxSBb2sh_AM

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=250&slotname=7003477533&adk=942042031&adf=928543991&pi=t.ma~as.7003477533&w=305&fwrn=4&fwrnh=100&lmt=1618355224&rafmt=1&psa=0&format=305x250&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618355224066&bpp=3&bdt=268&idt=133&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C801x230&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1055&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9W89fhsyw2&p=https%3A//www.theredmondcloud.com&dtd=136
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 13 Apr 2021 23:07:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DBD9 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=250&slotname=7003477533&adk=942042031&adf=928543991&pi=t.ma~as.7003477533&w=305&fwrn=4&fwrnh=100&lmt=1618355224&rafmt=1&psa=0&format=305x250&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618355224066&bpp=3&bdt=268&idt=133&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C801x230&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1055&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9W89fhsyw2&p=https%3A//www.theredmondcloud.com&dtd=136
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkSeUcXBNeO8GNNWMrxRZHfqBamjBn7pQq8k1YQnYXqZsbs4oWJYm-uABsbm3s; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=250&slotname=7003477533&adk=942042031&adf=928543991&pi=t.ma~as.7003477533&w=305&fwrn=4&fwrnh=100&lmt=1618355224&rafmt=1&psa=0&format=305x250&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1618355224066&bpp=3&bdt=268&idt=133&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250%2C801x230&correlator=6544629059056&frm=20&pv=1&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1055&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9W89fhsyw2&p=https%3A//www.theredmondcloud.com&dtd=136

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 13 Apr 2021 22:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1538
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2974 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c2f757a6d999a6d7037f1b58d975a694e430fee455da79afb5a98c37114bfdb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DBD9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

14ms
14ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkSeUcXBNeO8GNNWMrxRZHfqBamjBn7pQq8k1YQnYXqZsbs4oWJYm-uABsbm3s; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 13 Apr 2021 23:07:04 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 14-Apr-2021 00:07:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Apr 2021 23:07:04 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 13 Apr 2021 23:07:04 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js Show response
pagead2.googlesyndication.com/bg/ Frame E0C0 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 17:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 21819
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5721
x-xss-protection: 0
expires: Wed, 13 Apr 2022 17:03:25 GMT

GET
H3-Q050 200 Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js Show response
pagead2.googlesyndication.com/bg/ Frame B551 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 17:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 21819
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5721
x-xss-protection: 0
expires: Wed, 13 Apr 2022 17:03:25 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 1F98 3 KB
600 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=250&slotname=1762806521&adk=1736106897&adf=2093108174&pi=t.ma~as.1762806521&w=970&lmt=1618355224&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&wgl=1&dt=1618355224052&bpp=11&bdt=253&idt=110&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6544629059056&frm=20&pv=2&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nqxbXcghr1&p=https%3A//www.theredmondcloud.com&dtd=128

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 21:24:47 GMT
server: ESF
date: Tue, 13 Apr 2021 23:07:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Apr 2021 23:07:04 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame 1F98 1 KB
980 B 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 22:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 22:55:39 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/ Frame 1F98 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7469bb0c9cf9988f08f24ddadaa9c46a4b49028ed56a7a8a3446bea69401cd79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 22:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 8830192366576089018
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 22:52:42 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame 1F98 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 22:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 22:50:42 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F98 118 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253573924606"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36714
x-xss-protection: 0
expires: Tue, 13 Apr 2021 23:07:04 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/ Frame 1F98 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210412/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 22:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 22:51:44 GMT

GET
H2 200 a0b5068ca1fc7f6ff765c7833258ec42.js Show response
www.gstatic.com/mysidia/ Frame 1F98 25 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 01:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 01:23:38 GMT
server: sffe
age: 423059
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0
expires: Thu, 08 Jul 2021 01:36:05 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1F98 0
0 16ms
15ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZoqNGCR2YLzVDYTk-gaptpbgB9mGrIVikIiAlOMN29keEAEgqOD4AWCVAqAB3_38vQHIAQmpAmk1EpxmB7Q-qAMByAPLBKoEvwFP0PFodoRPjOkZaJYrZliAIMBIiGwDs56s6D01f4LcmrkleUVtGFRAuUUnr_EQiMh4KY1FJ8hn95hHZibl6Ek_6aabCgEYN1YKup-ZEZPkmEkFx93d65fG0kQQwPYaebwTfs8GYaxRXe1h_oOByN2qJB7itKdvEe1YhI-ZPVBrBqUELAQINZYK3IMLH9RPv4UM_K72Ss1gW3ual9cHvTJSr8PptKq1580bHr1ZZiQYXb_Lmil9dQ6My3rq8ULWZ8AE49Gs6skDkgUECAQYAZIFBAgFGASgBi6AB4mCg8ICqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcFEKvEhgXSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMNiBQBshcaChgIABIUcHViLTk3MzUwODUxMjM3MjA4MTk&sigh=FhAk_2sQqYg&template_id=5000

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735085123720819&output=html&h=250&slotname=1762806521&adk=1736106897&adf=2093108174&pi=t.ma~as.1762806521&w=970&lmt=1618355224&rafmt=12&psa=0&format=970x250&url=https%3A%2F%2Fwww.theredmondcloud.com%2F&flash=0&wgl=1&dt=1618355224052&bpp=11&bdt=253&idt=110&shv=r20210412&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6544629059056&frm=20&pv=2&ga_vid=114515015.1618355224&ga_sid=1618355224&ga_hid=2144310203&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060711%2C44740079&oid=3&pvsid=1958802296746055&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nqxbXcghr1&p=https%3A//www.theredmondcloud.com&dtd=128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 13 Apr 2021 23:07:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11159070560030632077/ Frame 1F98 20 KB
20 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11159070560030632077/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b872f88af2fa61328c7ae705e48ca4bbae1f9a47e29e4b6790ad2490a4fab932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 15:37:32 GMT
x-content-type-options: nosniff
age: 458972
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20244
x-xss-protection: 0
last-modified: Fri, 26 Mar 2021 08:27:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 15:37:32 GMT

GET
DATA 200
OK truncated
/ Frame 1F98 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1F98 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e84ffba04f10f4e29608f18ff02ee7dd51802a090395d0be0e44cefe4b3ea368

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1F98 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 219807
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1F98 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 507843
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:02 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 43ms
30ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210412&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abade479288a55bf57b968d16aaa13e4ecd0b61a77c920d565891dbc79dbcd08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Apr 2021 23:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6589
x-xss-protection: 0

GET
H3-Q050 200 Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 40F4 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 17:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 21820
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5721
x-xss-protection: 0
expires: Wed, 13 Apr 2022 17:03:25 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 23:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 13 Apr 2021 23:07:05 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F370 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.theredmondcloud.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.theredmondcloud.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 13 Apr 2021 20:02:23 GMT
expires: Wed, 13 Apr 2022 20:02:23 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11082
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js Show response
pagead2.googlesyndication.com/bg/ Frame F370 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 17:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 21820
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5721
x-xss-protection: 0
expires: Wed, 13 Apr 2022 17:03:25 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 14ms
14ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210412&jk=1958802296746055&bg=!4OOl46fNAAb2K53n9is7ACkAdvg8WgWJDTuZCOHu410GlANF3QjTqPrnsgHyrGMlbUgaLm64yA_YRwIAAABZUgAAAApoAQcKAWOhJ_oMBXInrmzrSHhAZSkEHZNfTC7f7542yg_swFEgScWQq6V1PguufSEGvdFHi4R4zO2dDMuwIVxW4PbBs2nT-uMF6YYDUjzYQVlVu6kb4LZmdPob3LXlBEVu_l7DCUt-p1PNs07vODaOyVgrjOVCN_UF8FgRoqCy7198_C0nZGNj94fAn0mHYPwZY19c40iPH9lRRztkeALymDceDavofKQ_Yp_HHD9y42R26FdodovaCwMaINYNSx-4H5ew7xyaC5t4JApRBfYXSFiLxXwrbF4rSWin2vt5HzSW5V4oTpUuqmA465TPc7gWWBZQd-JfkqRGdFzdhWRwkyrCEfbbc9dDwteHER74RIYJbZOJHWa-qO4_BzLdfFkeLU5-yB3WKoyBt1v3jC383q8euO2nOz3Z_HrUJo3qCgfwPLfTRhyyrhNjps8-jtpopWVIqQp_MmO8cvjC3F-93Gyq627IOJSBmQHlAGL7wPgfx8n3GsDViaJqGvMx9vbCzhKMDsA-FSodzoBUt7B3P9UyEp7DRXJMEjfoW_RMSH8Ve9ULE-iK4X8r1bSRiC4tb_4dLtjxvmwHND3mYQTNFtV5soFMLzJK6bDfiicIGzibzm7THTKwDB3WImLQZ0zAXzRNQL69MxqZrJV-yAY6-zOF0nhRhwmxyEqtnHPTomabZZdcNSUFE_mOvgX19nkWwGk83DZ4_6AXbfqnV1LAaYVAkVL62QQMSjPx4IEs1b04Zy7kKstOx-ahPhln_eoOBzEqtG_aHpXclngqIBj7fR6g-tqLcgB7vHOaBiP1-4d2R97UeViDuz1CShSgU_WPONfPCO6-7j8vOITwxWg5vq2j2QjB78BBwB9f-N85po3FSwmR58yjQ1xoBcWf8Ljn9GQJEatf2ytYaE_Lv_FXCBwNvccDIZF_6TqqCSO0KhqBOLIJNaCIZG_aPv1TCXmsRNB3AWQlIAXlaq3V3xr2rvUfBHvO54l4AMv3D2KaYpXxau3uF5AqqPEpMTrS9fvittUy-w617dcqiDRcnQnnkh72IYuRcyLh43EuvFJJEpd-E3-Tjd9tOYbaSrPfyiRtYSvDCGX3trau55e7OiFwxNiVKEqg78_3FXGlVI2Txec

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theredmondcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 23:07:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2974 42 B
132 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQN_LF0JkfkRlHyZ0eyX2wgvjLRw9p7UuAcBGRef-ZrBEhHbKVm3HMifObs2InOJA1HiVhAWLo88X6888zqP7vBOLQMJh-m5MD2cFO9UQK4Sp82qB752Rr5SCs7g&sai=AMfl-YRVGcOr2GRFrdCrQNe52d9asQSXOCjCmmRCoXUOogLeY-abi1GEiADFhvNG_ZZA_2dJK5H68BlYkrNO&sig=Cg0ArKJSzP1_Na1S1-DuEAE&id=osdim&mcvt=1000&p=771,1058,1021,1358&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210412&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=942042031&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618355224205&dlt=518&rpt=46&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 23:07:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1F98 42 B
89 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8ZhPn75ZOasrMeH7nP9rJrh9ETdNvBj6vbSbQC5NRuzX_d-j07JURX71KU9rb_9_uuvNLSOnZb6TsKwGLn0VHJ06CvseVA2rvRqZ0eATbVEbebiN85E39wo8MOQ&sai=AMfl-YTzW5pm2suKl_y3idJQa0SzfpDqctO-HZCtpEoHPAs8EDmXqwGZKABislFS_pJbM2lGMN0N9zkiiid6&sig=Cg0ArKJSzO1NrZQJSSXDEAE&id=osdim&mcvt=1000&p=507,315,757,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210412&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1736106897&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1618355224183&dlt=769&rpt=73&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 23:07:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-fws76svdt6oso-k2rqxjkbf73lssgf-698044-i1-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame 0615 35 B
410 B 63ms
13ms Image
image/gif 2a00:1450:4001:810::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-fws76svdt6oso-k2rqxjkbf73lssgf-698044-i1-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2012 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 23:07:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-fws76svdt6oso-k2rqxjkbf73lssgf-698044-i2-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame 0615 35 B
410 B 119ms
33ms Image
image/gif 172.217.23.114
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-fws76svdt6oso-k2rqxjkbf73lssgf-698044-i2-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.114 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f18.1e100.net

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Apr 2021 23:07:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:32:36	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 02:54:11	Name: IDE Value: AHWqTUkSeUcXBNeO8GNNWMrxRZHfqBamjBn7pQq8k1YQnYXqZsbs4oWJYm-uABsbm3s
.www.theredmondcloud.com/	1970-01-20 02:18:11	Name: __stripe_mid Value: fc04c8ea-e4d2-469a-aecb-db929384dac3677cad
.www.theredmondcloud.com/	1970-01-19 17:32:37	Name: __stripe_sid Value: 8a5a583e-e537-4a8e-8a09-e44f50f8d98798dd0d
.theredmondcloud.com/	1970-01-20 02:18:11	Name: _jsuid Value: 2172916864
.theredmondcloud.com/	1970-01-19 17:32:35	Name: _first_pageview Value: 1
.doubleclick.net/	1970-01-19 17:32:38	Name: DSID Value: NO_DATA
.theredmondcloud.com/	1970-01-20 02:54:11	Name: __gads Value: ID=bf3cd30a5649922b-22cc5d9b19bb0053:T=1618355224:RT=1618355224:S=ALNI_MaJyGzDeEiuqEJch9El5aKXRQNZQQ
.theredmondcloud.com/	1970-01-19 17:32:35	Name: _gat_gtag_UA_130229313_1 Value: 1
.theredmondcloud.com/	1970-01-19 17:34:01	Name: _gid Value: GA1.2.288145071.1618355224
.theredmondcloud.com/	1970-01-20 11:03:47	Name: _ga Value: GA1.2.114515015.1618355224

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2vplsu2wo1292qcj331fo1gj-wpengine.netdna-ssl.com
adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.getclicky.com
js.stripe.com
m.stripe.com
m.stripe.network
p4-fws76svdt6oso-k2rqxjkbf73lssgf-698044-i1-v6exp3.ds.metric.gstatic.com
p4-fws76svdt6oso-k2rqxjkbf73lssgf-698044-i2-v6exp3.v4.metric.gstatic.com
p4-fws76svdt6oso-k2rqxjkbf73lssgf-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.getclicky.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.theredmondcloud.com
104.196.38.237
108.161.188.228
142.250.185.131
151.101.112.176
151.101.12.176
172.217.23.114
198.145.13.14
216.58.212.162
2606:4700::6810:a010
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2012
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
34.208.10.33
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
09ed0b90792b75d8acc15108636675816729ee30934872b430658e9e26f6cae3
0bb28d10bb7d897850b85fa634fffdeb90460d70a136d06e686c2ee64a9f33b3
0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f174ddc83a9dcca56c451c576229ece9eefbb801889f9196f4e5ac243239ae2
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1ea0d8246003aac1525f0bb5faa6289a8bb109a12eff74a6d9a03d9bdecfd393
20a8b54626d37aa740978e5136dfa8df0865c34e1277a5c57746baf0f24517f0
20ca6860d6089c3a34adda462894781d12feed8f309032579794f8600150fdea
224b55233ae7e7d0bc166237c4c32e32f72da47ceb28a4531491782798514bfc
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
2360f334f39b398c05a9aad6a8398afc785ec2a83734937a39f2d31e33b7ac2d
244de6960388f992e43c07685dd8c7ca1ee4424d85874a72036f2f8e692bbd7b
2813932abb93f10a530d90a7577873f127b8ebceb47d72f8523da0cacab917f4
2a62c5acae3f0154078dc161d5fa42af8e978733ae856871744a157126f7c9d8
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33e484423ef906a2b9ba964682e174bb252c3fed27676461a686dd2e21834c68
3c29235c7537fb21c1de7b20aec0870b95532cdc39b60a00d45a72c2a7fb2376
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763
431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e
452299bf973d96a1602d92ae67d7b7f16fc74ada4032467ecb96881fdb776b9f
4703b5a2f2f37247e92d3e29075208387813a64c2c67f8cc99d5e2881d640754
481bfa4292798eb15d056ff461dc1e90bbe9795fd99299b59c02970a0e710207
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4d999110be8b0ac267282cceeaa57be64ee879f54e39e0ce3d776e0c589f7ba7
4dc9c239931effb2183adb19e90f60c5cc009ddca45024fc7325d82e3c08d40c
5820216486981914837a6b4f07dc46f6969a726d301a867b6043b149fab43ec7
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5ed40c0627a5ef21689421b3a27a4cf1012fb77c8850c22ac224c1c3e92417d0
5ef04a0233bfa27032d084a46b9472354511b0f9cfe9cf7d417121f4ec64e4c3
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
634d16acdf3bf6bc5dcaea163bf6812a1940ef8c0532cd853d5d8fb2e64e849b
64a75b34d51e75a9d0f61d281ad06421202c30f06c1a2339d7a2347ddcb84f3e
6818805bc47983a1db488f9490a8b8ade9414c98c02757b6511b0b93fa591268
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6eac077a4a36705fc8ec26b3971ce365db5ee9e8a918af4046aa69532c9298f7
7060a345165365aecc9b61f4d184318876c3bd1f7ff90d54f5b8bb1ef2c1e30c
713d74f1be4a1d106569bed12251797f9a2ff5aacd70457e5f2539085da3b9c2
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
743ff50a70730b41ec4d787a6dccdf5aecdcfa833a7e2c6580853b08ee76f0f5
7469bb0c9cf9988f08f24ddadaa9c46a4b49028ed56a7a8a3446bea69401cd79
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
7ac3275a0e2bdc1b6aafa03edeca0c12d03cdc943c20f785b139069317b8d147
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8acf22af53908453fd0138b9826406679d5cb670241f67864810a23d66b6f924
8b3a13a285d5cba35918ef8442b9e814f429b18099b3bcf761903627646374de
8d8544fa8c182ab15ea8e28a80700170d99b778ec906d35fbfe1ba2736ea2c49
94b034848ecc7087c7deee7bb64e11849e449605c680bed3df00002652ccfe43
95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c
97054540a430d31194e4f5559caaee654aa693c169253dc680133247ec157482
9a8d4f55a83aa4e1f884930f204914da68bd3f34cb4a66b8337b032f2ebabafc
9bd8e86326e4ea0220a64f4b71c334ca8384d4ffe0754412132f9f5a07ff7a9c
9c2f757a6d999a6d7037f1b58d975a694e430fee455da79afb5a98c37114bfdb
9c81c186462a0ddff9d9cef0552891818e264148450fe68c99c550617df77a97
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
abade479288a55bf57b968d16aaa13e4ecd0b61a77c920d565891dbc79dbcd08
aea051e0c9f1773af8ad11912ca04c1b2ec6ff83011d3cd894be655f2cbec445
b4fb7c4d0220486b17c6d4c85298ccd502efe12f6016b909728dd97e0f481ab6
b872f88af2fa61328c7ae705e48ca4bbae1f9a47e29e4b6790ad2490a4fab932
ba3e36ed3e75e98807e60bdea73a432f9ca3a378bc5aa05d172c652c914cb6a3
c18bdaadde09ddabb38917587b893fc5be72e11f80136a59f5cdfc760cc3968b
c207bd82a7804c83a03365145221aa699e09a034b14e34a5ee4cd83b09101006
c457b8777f88e46f624630253cd95b1ceddd445ec43236751aa723e97788d354
c47c310c0a2200f97030971c6813652258d52406a4bc36fb4d191b20c50601c6
c5e507cdd056c590258573b14fed0c8232ca65e2ebf4712cc19f30333295d3a4
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c7464aacb85cee0b0e538f1bb2e7c43ff37bab24288eed484e8aa69c48d47c27
c84f7f99e22a2d9e8afaadb5c6d7a6e0ef11e672ac4c49b35e288bc1a150564b
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cea7cfde089438b5395a868096511840b97ef43ce47ac500e1b3176965bfbf15
d684419930a30bc7345d8fa3bd2d41352596df22ec2e03c19440b1fff2428853
d70a07176cf716e4361f44f8c5d950c8f0059b665b52df3ae8375e8bee99d375
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d902639ff159c291e4c4e266f3b64fd3b3ed236477a5a6479aafda8a4253fbab
df60a44a912c6e77c0a7b906b37ceac33498487a641b89520ddbf98dd6557cdb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f8fb3de1908cf50ce35acee4c5932760e17fba860ec7c2a591ea5dcffa306d
e84ffba04f10f4e29608f18ff02ee7dd51802a090395d0be0e44cefe4b3ea368
e8b0d2ee262785fb4bfb4e4717d4e5cf7536e52f0821c091dc84f10b42e69df4
ec2b74ad32b648473333db6a8ea99c4c5ca8012a9ad9d30696fca840791f5bab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
ffe7c3d559780b916266217b3683f10a7edbc655d5e11149a36e6f74af8fc68f

www.theredmondcloud.com Open in urlscan Pro 104.196.38.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

112 Requests

100 %HTTPS

63 %IPv6

15 Domains

23 Subdomains

23 IPs

2 Countries

2348 kBTransfer

4241 kBSize

11 Cookies

2 Outgoing links

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theredmondcloud.com Open in urlscan Pro
104.196.38.237 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

100 %
HTTPS

63 %
IPv6

15
Domains

23
Subdomains

23
IPs

2
Countries

2348 kB
Transfer

4241 kB
Size

11
Cookies

112 HTTP transactions
5 data transactions