hw.online Open in urlscan Pro
2606:4700:20::681a:48d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.headwayfx.com/
Effective URL:
https://hw.online/user/signup?hwp=60f8fa
Submission: On July 25 via manual (July 25th 2024, 4:21:54 pm UTC) from ID — Scanned from DE

Summary HTTP 117 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 47 domains to perform 117 HTTP transactions. The main IP is 2606:4700:20::681a:48d, located in United States and belongs to CLOUDFLARENET, US. The main domain is hw.online.
TLS certificate: Issued by WE1 on June 12th 2024. Valid for: 3 months.

This is the only time hw.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:80f::2013	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2009	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
1	142.250.181.233 142.250.181.233	15169 (GOOGLE) (GOOGLE)
1 1	172.67.158.78 172.67.158.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.132.72 172.67.132.72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2606:4700:20:... 2606:4700:20::681a:48d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c1f::54	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	34.111.36.66 34.111.36.66	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1 6	216.58.212.132 216.58.212.132	15169 (GOOGLE) (GOOGLE)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	46.4.253.88 46.4.253.88	24940 (HETZNER-AS) (HETZNER-AS)
1 4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	4.153.72.49 4.153.72.49	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	95.217.122.4 95.217.122.4	24940 (HETZNER-AS) (HETZNER-AS)
1	142.250.185.162 142.250.185.162	() ()
1	2a02:2638:3::e 2a02:2638:3::e	() ()
1 3	2a02:2638:3::c 2a02:2638:3::c	() ()
1	178.250.1.9 178.250.1.9	() ()
117	35

1 2a00:1450:4001:80f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.headwayfx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.233 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.158.78 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

headway.partners	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.132.72 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

headway.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:20::681a:48d (United States)

ASN13335 (CLOUDFLARENET, US)

hw.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1f::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.36.66 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 66.36.111.34.bc.googleusercontent.com

g.hw.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f132.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

carehw.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f8cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.253.88 (Bad Muenstereifel, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.253.4.46.clients.your-server.de

cdn.pushwoosh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 4.153.72.49 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.217.122.4 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.4.122.217.95.clients.your-server.de

cp.pushwoosh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (None, )

ASN- ()

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (None, ) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (None, )

ASN- ()

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	hw.online hw.online g.hw.online	1 MB
9	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3854 ekr.zdassets.com — Cisco Umbrella Rank: 4356	225 KB
8	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 46 www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 468	85 KB
7	pushwoosh.com cdn.pushwoosh.com — Cisco Umbrella Rank: 45891 cp.pushwoosh.com — Cisco Umbrella Rank: 48671	38 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 c.clarity.ms — Cisco Umbrella Rank: 1838 i.clarity.ms — Cisco Umbrella Rank: 17859	29 KB
5	criteo.com 1 redirects dynamic.criteo.com gum.criteo.com sslwidget.criteo.com measurement-api.criteo.com Failed	29 KB
5	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 7953	207 KB
4	doubleclick.net 2 redirects ad.doubleclick.net — Cisco Umbrella Rank: 210 googleads.g.doubleclick.net cm.g.doubleclick.net Failed	133 B
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 534 c.bing.com — Cisco Umbrella Rank: 341	17 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	164 KB
3	zendesk.com carehw.zendesk.com	1 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832	44 KB
3	blogger.com www.blogger.com — Cisco Umbrella Rank: 9911	93 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1314	4 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 641 fonts.googleapis.com — Cisco Umbrella Rank: 110	40 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	76 KB
1	gstatic.com www.gstatic.com	213 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
1	headway.work 1 redirects headway.work	439 B
1	headway.partners 1 redirects headway.partners	443 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1950	11 KB
1	headwayfx.com www.headwayfx.com	46 KB
0	1rx.io Failed sync.1rx.io Failed
0	emxdgt.com Failed e1.emxdgt.com Failed
0	yieldmo.com Failed sync-criteo.ads.yieldmo.com Failed
0	yieldlab.net Failed ad.yieldlab.net Failed
0	3lift.com Failed eb2.3lift.com Failed
0	tremorhub.com Failed criteo-partners.tremorhub.com Failed
0	teads.tv Failed criteo-sync.teads.tv Failed
0	sharethrough.com Failed match.sharethrough.com Failed
0	rubiconproject.com Failed pixel.rubiconproject.com Failed
0	pubmatic.com Failed simage2.pubmatic.com Failed
0	outbrain.com Failed sync.outbrain.com Failed
0	postrelease.com Failed jadserve.postrelease.com Failed
0	mediavine.com Failed exchange.mediavine.com Failed
0	media.net Failed contextual.media.net Failed
0	ivitrack.com Failed matching.ivitrack.com Failed
0	360yield.com Failed ad.360yield.com Failed
0	id5-sync.com Failed id5-sync.com Failed
0	demdex.net Failed dpm.demdex.net Failed
0	casalemedia.com Failed r.casalemedia.com Failed
0	omnitagjs.com Failed visitor.omnitagjs.com Failed
0	taboola.com Failed sync-t1.taboola.com Failed
0	smartadserver.com Failed rtb-csync.smartadserver.com Failed
0	adnxs.com Failed ib.adnxs.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
117	47

	Domain	Requested by
17	hw.online	www.headwayfx.com hw.online static.cloudflareinsights.com cdn.pushwoosh.com
8	static.zdassets.com	hw.online static.zdassets.com
6	cp.pushwoosh.com	cdn.pushwoosh.com
6	www.google.com	1 redirects hw.online www.gstatic.com
5	blogger.googleusercontent.com	www.headwayfx.com
4	connect.facebook.net	hw.online connect.facebook.net g.hw.online
3	gum.criteo.com	1 redirects dynamic.criteo.com
3	ad.doubleclick.net	2 redirects
3	bat.bing.com	www.headwayfx.com bat.bing.com
3	www.clarity.ms	g.hw.online www.clarity.ms bat.bing.com
3	carehw.zendesk.com	static.zdassets.com
3	g.hw.online	www.headwayfx.com g.hw.online
3	maxcdn.bootstrapcdn.com	www.headwayfx.com
3	www.blogger.com	www.headwayfx.com
2	i.clarity.ms	www.clarity.ms
2	www.facebook.com
2	c.clarity.ms	1 redirects
2	unpkg.com	1 redirects
1	sslwidget.criteo.com	dynamic.criteo.com
1	dynamic.criteo.com	g.hw.online
1	googleads.g.doubleclick.net
1	c.bing.com	1 redirects
1	adservice.google.com
1	cdn.pushwoosh.com	g.hw.online
1	www.googletagmanager.com	g.hw.online
1	www.gstatic.com	www.google.com
1	ekr.zdassets.com	static.zdassets.com
1	accounts.google.com	hw.online
1	static.cloudflareinsights.com	hw.online
1	headway.work	1 redirects
1	headway.partners	1 redirects
1	fonts.googleapis.com	www.headwayfx.com
1	ajax.googleapis.com	www.headwayfx.com
1	use.fontawesome.com	www.headwayfx.com
1	www.headwayfx.com	www.headwayfx.com
0	sync.1rx.io Failed
0	e1.emxdgt.com Failed
0	sync-criteo.ads.yieldmo.com Failed
0	ad.yieldlab.net Failed
0	eb2.3lift.com Failed
0	criteo-partners.tremorhub.com Failed
0	criteo-sync.teads.tv Failed
0	match.sharethrough.com Failed
0	pixel.rubiconproject.com Failed
0	simage2.pubmatic.com Failed
0	sync.outbrain.com Failed
0	jadserve.postrelease.com Failed
0	exchange.mediavine.com Failed
0	contextual.media.net Failed
0	matching.ivitrack.com Failed
0	ad.360yield.com Failed
0	id5-sync.com Failed
0	dpm.demdex.net Failed
0	r.casalemedia.com Failed
0	visitor.omnitagjs.com Failed
0	sync-t1.taboola.com Failed
0	rtb-csync.smartadserver.com Failed
0	ib.adnxs.com Failed
0	x.bidswitch.net Failed
0	cm.g.doubleclick.net Failed
0	measurement-api.criteo.com Failed	www.headwayfx.com
117	61

This site contains no links.

Subject Issuer	Validity	Valid
www.headwayfx.com WR3	`2024-06-03` - `2024-09-01`	3 months	crt.sh
*.blogger.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
bootstrapcdn.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
hw.online WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
zdassets.com E6	`2024-06-29` - `2024-09-27`	3 months	crt.sh
accounts.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-04` - `2024-08-02`	3 months	crt.sh
g.hw.online WR3	`2024-06-22` - `2024-09-20`	3 months	crt.sh
*.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
carehw.zendesk.com Cloudflare Inc ECC CA-3	`2024-03-13` - `2024-12-31`	10 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.pushwoosh.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-06` - `2025-04-05`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://hw.online/user/signup?hwp=60f8fa
Frame ID: B23307F89C46C98DFBE00DCB00AC1CBE
Requests: 77 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-93ae424.js
Frame ID: 53A17D64DD50BF4BA38FB68E5D60AB62
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxGeUpAAAAAIIXzVeQtXDWBo3BpndFWlNef04q&co=aHR0cHM6Ly9ody5vbmxpbmU6NDQz&hl=de&type=image&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&theme=light&size=invisible&badge=bottomright&cb=jmng6isxlwmu
Frame ID: E35C031352B5456DFCBEAAFD372746A5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxGeUpAAAAAIIXzVeQtXDWBo3BpndFWlNef04q&co=aHR0cHM6Ly9ody5vbmxpbmU6NDQz&hl=de&type=image&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&theme=light&size=invisible&badge=bottomright&cb=jzur84cavk2y
Frame ID: 2505EEDFF91A775CA6AD948644D69023
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&k=6LdxGeUpAAAAAIIXzVeQtXDWBo3BpndFWlNef04q
Frame ID: FFBB982BF985CF9C3355553C0E2885F0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&k=6LdxGeUpAAAAAIIXzVeQtXDWBo3BpndFWlNef04q
Frame ID: C9590B1E9C1990B03637D77CD3F1EDE8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=hw.online&origin=onetag
Frame ID: F7885DCF0469C865D84ACA80401423F7
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-JdVu5ycLHenIdJX-VZ_sgTdFX17uSqSiC_uMPg&google_cm&google_hm=ay1KZFZ1NXljTEhlbklkSlgtVlpfc2dUZEZYMTd1U3FTaUNfdU1QZw
Frame ID: 20F9DF18734167CD1E07AE5E8FBF217D
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Headway – your reliable broker for smart Forex trading

Page URL History Show full URLs

https://www.headwayfx.com/ Page URL
https://headway.partners/user/signup?hwp=60f8fa HTTP 301
https://headway.work/user/signup?hwp=60f8fa HTTP 301
https://hw.online/user/signup?hwp=60f8fa Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

117
Requests

69 %
HTTPS

47 %
IPv6

47
Domains

61
Subdomains

35
IPs

6
Countries

2592 kB
Transfer

8582 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.headwayfx.com/ Page URL
https://headway.partners/user/signup?hwp=60f8fa HTTP 301
https://headway.work/user/signup?hwp=60f8fa HTTP 301
https://hw.online/user/signup?hwp=60f8fa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@4.2.2/dist/web-vitals.iife.js

Request Chain 65

https://ad.doubleclick.net/activity;src=14148640;type=web_c0;cat=visit0;ord=5312378740515;npa=0;auiddc=301155233.1721924509;ps=1;pcor=2074041170;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47o0v9190772948z8898094293za201zb898094293;gcs=G111;gcd=13t3t3t2t5;dma_cps=syphamo;dma=1;tag_exp=95250752;epver=2;em=tv.1 HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CIOlsdXMwocDFSBrkQUdD942IQ;src=14148640;type=web_c0;cat=visit0;ord=5312378740515;npa=0;auiddc=301155233.1721924509;ps=1;pcor=2074041170;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47o0v9190772948z8898094293za201zb898094293;gcs=G111;gcd=13t3t3t2t5;dma_cps=syphamo;dma=1;tag_exp=95250752;epver=2;em=tv.1 HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CIOlsdXMwocDFSBrkQUdD942IQ;src=14148640;type=web_c0;cat=visit0;ord=5312378740515;npa=0;auiddc=*;ps=1;pcor=2074041170;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47o0v9190772948z8898094293za201zb898094293;gcs=G111;gcd=13t3t3t2t5;dma_cps=syphamo;dma=1;tag_exp=95250752;epver=2;em=tv.*

Request Chain 69

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FDDB54EA7ACF47938FD312358A8CE151&RedC=c.clarity.ms&MXFR=3092CA431A3463FB0139DE841E346DBF HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FDDB54EA7ACF47938FD312358A8CE151&MUID=0C7F84BC0E13605E16CD907B0F986180

Request Chain 78

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t6&tag_exp=0&rnd=263970978.1721924510&url=https%3A%2F%2Fhw.online%2Fuser%2Fsignup&dma_cps=syphamo&dma=1&npa=0&gtm=45de47o0v9190772948z8898094293za200zb898094293&auid=301155233.1721924509&frm=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t6&tag_exp=0&rnd=263970978.1721924510&url=https%3A%2F%2Fhw.online%2Fuser%2Fsignup&dma_cps=syphamo&dma=1&npa=0&gtm=45de47o0v9190772948z8898094293za200zb898094293&auid=301155233.1721924509&frm=0

Request Chain 87

https://gum.criteo.com/sync?c=746&r=2&a=1&j=crto_callback HTTP 302
https://gum.criteo.com/sync?s=1&c=746&r=2&a=1&j=crto_callback

Request Chain 98

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ULQwIvRYvsn7ydd53bXVv41HTQcbGTzA

117 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
www.headwayfx.com/ 210 KB
46 KB 1664ms
836ms Document
text/html 2a00:1450:4001:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.headwayfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 46725
content-type: text/html; charset=UTF-8
date: Thu, 25 Jul 2024 16:21:37 GMT
etag: W/"81a2407813eebc05a27ee6b0f92b0593dd5dd61f7eb87e68b14090df85b67f12"
expires: Thu, 25 Jul 2024 16:21:37 GMT
last-modified: Fri, 24 May 2024 01:18:10 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 30 KB
7 KB 739ms
52ms Stylesheet
text/css 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

Requested by

Host: www.headwayfx.com
URL: https://www.headwayfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.headwayfx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:23:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6620
x-xss-protection: 0
last-modified: Tue, 23 Jul 2024 09:54:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 23 Jul 2025 15:23:59 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.3.1/css/ 48 KB
11 KB 912ms
226ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: www.headwayfx.com
URL: https://www.headwayfx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.headwayfx.com/
Origin: https://www.headwayfx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"10519cfd3206802f58315b877a9beab5"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p7H6PzNZ8cgRIa%2FjJ8N%2FBvY%2BstrTpFx5wKcmH5cJa73yhrYUacERUuRo9q1n7EPP0KTScfZ7bDgvCmi0VmvDKL81M1oSghdvkOmaHG%2BWbEtKEviK%2BJHcX6doAbyPz9LK5JhY1wrjIbd5Nj3%2BQfrdlf73"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8a8d7bf40fe7697b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
8 KB 405ms
65ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.headwayfx.com
URL: https://www.headwayfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.headwayfx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 755
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4445967
cdn-cachedat: 11/30/2023 17:43:30
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: ab8626e4b724b111058794b60ba8757c
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8a8d7bf1ec87c3d6-WAW
cdn-requestpullsuccess: True

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
24 KB 405ms
64ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.headwayfx.com
URL: https://www.headwayfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.headwayfx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 940
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2664727
cdn-cachedat: 10/31/2023 19:15:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c83fee2ffb8cb55535eaeb2520d7c34a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8a8d7bf1ec86c3d6-WAW
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 737ms
52ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.headwayfx.com
URL: https://www.headwayfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.headwayfx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 08:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jul 2025 08:57:08 GMT

GET
H3 200 bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
12 KB 539ms
199ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.headwayfx.com
URL: https://www.headwayfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.headwayfx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2664739
cdn-cachedat: 10/31/2023 19:19:44
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"5869c96cc8f19086aee625d670d741f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 961c2b7b2d788121b27e125e4b8e1833
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8a8d7bf1ec82c3d6-WAW
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 73 KB
6 KB 714ms
55ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.headwayfx.com
URL: https://www.headwayfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.headwayfx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jul 2024 16:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jul 2024 16:21:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jul 2024 16:21:38 GMT

GET
H2 200 HEADWAY%202024%20-%20001.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTfyouX5qoYfUEbY31x_I2llqcEhh2szg1X4s8H-mrPgRThxyb2LgH5mHDMVoW5CWurBu6KA4Ts3eeDbdHB9CHtQse2ukwnJSA5cefWXtNsffIT_bU_kG4DwqvqF1MItg7JRuZSguapbCI3kjw... 158 KB
158 KB 1933ms
1274ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTfyouX5qoYfUEbY31x_I2llqcEhh2szg1X4s8H-mrPgRThxyb2LgH5mHDMVoW5CWurBu6KA4Ts3eeDbdHB9CHtQse2ukwnJSA5cefWXtNsffIT_bU_kG4DwqvqF1MItg7JRuZSguapbCI3kjwVGwpWkcJM_m2Cw7t43ENEPRLKP4kXUSbWa0hR9TPulA/s16000/HEADWAY%202024%20-%20001.png

Requested by

Host: www.headwayfx.com
URL: https://www.headwayfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.headwayfx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v116"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HEADWAY 2024 - 001.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 161713
x-xss-protection: 0
expires: Fri, 26 Jul 2024 16:21:39 GMT

GET
H2 200 01%20Mata%20uang.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipSiTvU8iYdW2b2HaCMYRjPsGHi3ZbEqNB_Lxyc6VHVQwGZR-unQeOqJOjmoe9hJwN_9A7aDM3w6iOEaeNNFkqYhfFSnHfw3wMbM0i7-GvoxDiVDQjhqyArb6wnmAiNnlQP48NODI1EeYg66AH... 12 KB
12 KB 1455ms
796ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipSiTvU8iYdW2b2HaCMYRjPsGHi3ZbEqNB_Lxyc6VHVQwGZR-unQeOqJOjmoe9hJwN_9A7aDM3w6iOEaeNNFkqYhfFSnHfw3wMbM0i7-GvoxDiVDQjhqyArb6wnmAiNnlQP48NODI1EeYg66AHZAi7V4rDEolkXBPWg1fXoPLmsjrikV7b1kWuwzUM_Ho/s1600/01%20Mata%20uang.png

Requested by

Host: www.headwayfx.com
URL: https://www.headwayfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.headwayfx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:39 GMT
x-content-type-options: nosniff
server: fife
etag: "ve2"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="01 Mata uang.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12464
x-xss-protection: 0
expires: Fri, 26 Jul 2024 16:21:39 GMT

GET
H2 200 02%20Saham.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqlaVqh3_mlAx_FVJJmhgZ3a3bVUmHPvSCGgSfi8xb2D0fRoCJLUltzc3WwYPO45F2gmFVDqTWHzTI_doHiFcqvXj4q8r0QyZ8MiAEif4VIx6uaDriAWMB2wFhju65ExlshciZvJQ4kqgcrdI9... 12 KB
12 KB 894ms
893ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqlaVqh3_mlAx_FVJJmhgZ3a3bVUmHPvSCGgSfi8xb2D0fRoCJLUltzc3WwYPO45F2gmFVDqTWHzTI_doHiFcqvXj4q8r0QyZ8MiAEif4VIx6uaDriAWMB2wFhju65ExlshciZvJQ4kqgcrdI93DrUh9gMXszr3N0Pm6s1ED0OD0xUbStqKTV_PIbKTQk/s1600/02%20Saham.png

Requested by

Host: www.headwayfx.com
URL: https://www.headwayfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.headwayfx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:40 GMT
x-content-type-options: nosniff
server: fife
etag: "ve4"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="02 Saham.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11807
x-xss-protection: 0
expires: Fri, 26 Jul 2024 16:21:40 GMT

GET
H3 200 03%20Indeks.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgv65qhdziBGDd8Bi0LF5SdzPNnmzLNYfkk8ftw7cFyWPZXQW8-O-M6KqH4PjrwxBzQQgwQ4WL-Eg1mUTgGiAv_XJi7RBCpDvymia4sRlX3UNYxncscBgINc_zQymZnt3KBElQFzzqJJjdBLv_Y... 13 KB
13 KB 671ms
670ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgv65qhdziBGDd8Bi0LF5SdzPNnmzLNYfkk8ftw7cFyWPZXQW8-O-M6KqH4PjrwxBzQQgwQ4WL-Eg1mUTgGiAv_XJi7RBCpDvymia4sRlX3UNYxncscBgINc_zQymZnt3KBElQFzzqJJjdBLv_YdoQ9bV1zT3WQldB-MAda_19NK78MDJIhWXy72uoFRmM/s1600/03%20Indeks.png

Requested by

Host: www.headwayfx.com
URL: https://www.headwayfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.headwayfx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:40 GMT
x-content-type-options: nosniff
server: fife
etag: "ve4"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="03 Indeks.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13347
x-xss-protection: 0
expires: Fri, 26 Jul 2024 16:21:40 GMT

GET
H3 200 04%20Logam%20mulia.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTGAjJ3mxSmc3D3ucd0bbhejdps8i3vjsYgvoC9gDYfhTAwLR5JtP63d6oJ3tzqu2tIhTm6VBeSGOA-Gn99hXpvsQNpNf_b2dxwlB4MPT_S_FMkjWSgawuNkSivyXZp2haBUjx1-D5yw-D1r1u... 12 KB
12 KB 526ms
526ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTGAjJ3mxSmc3D3ucd0bbhejdps8i3vjsYgvoC9gDYfhTAwLR5JtP63d6oJ3tzqu2tIhTm6VBeSGOA-Gn99hXpvsQNpNf_b2dxwlB4MPT_S_FMkjWSgawuNkSivyXZp2haBUjx1-D5yw-D1r1u0VA1ckcLZiG0R_HDb1-q-SQfX4uLkTEhl58DidMfM60/s1600/04%20Logam%20mulia.png

Requested by

Host: www.headwayfx.com
URL: https://www.headwayfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.headwayfx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:40 GMT
x-content-type-options: nosniff
server: fife
etag: "ve8"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="04 Logam mulia.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11989
x-xss-protection: 0
expires: Fri, 26 Jul 2024 16:21:40 GMT

GET 05%20Energi.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhb71NxFFaYPiCxNeJByJ1NOGvZOXX5EXKv-WuIQFdjUs-nKNlsA-RRmrtHcGQurHehrs6B9XJI6UR34cMCSSLXH8cL4Q45Q_6TZiLeJWFyJJb8U2fFCYResuHAuI7jv4Pz4Bx_jgC31PDC-hJL... 0
0

GET 06%20Instrumen%20digital.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirRejssu1JCXvnBGjLeE5zMe87IQfRMt8SmEe6_stLfCmTUl0Z6wFhbOAHCCYdeKOAJagBs3YmzAgBhtlGeQdmkwb6yKw87PWcdI-m4vgK5DyFjHGrjOXerGUOwEtxK0u9WKEl54CjU110hyph... 0
0

GET DEPO%20WD%20HW.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-uYtLuPfEGImOPolhqZ1DKbueJQh1qUtHME11UxEXCEgxP5oZvz6wGMypOCYg4QrWXr9uU5FCwIV5xDE0MghzfRwLm6mfi4ZbNBYTxJp_33tWhI8xW772bUj9KeA_khVLAjnsAIDFW-Fsgbn-... 0
0

GET HEADWAY%202024%20-%20004.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvGaAI8jR_h_JPq-C8SmkhsWwPQ_LrmgyIuXkc10gXrpppDZ0DTB0_nrHXrAb_SJucLppQh3-HavVRx8kwyp1O20D8_RPYposCPImg-_ZqfQm1OCxBCFV8A9opzj7WUYvN5uiliyslWPlsE8Vr... 0
0

GET
H2 200 2271878333-widgets.js
www.blogger.com/static/v1/widgets/ 89 KB
36 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2271878333-widgets.js

Requested by

Host: www.headwayfx.com
URL: https://www.headwayfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.headwayfx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 06:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37082
x-xss-protection: 0
last-modified: Tue, 07 Oct 2014 07:06:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 24 Jul 2025 06:32:08 GMT

GET cookienotice.js
www.headwayfx.com/js/ 0
0

GET
H3 200 3406722122-widgets.js
www.blogger.com/static/v1/widgets/ 141 KB
50 KB 70ms
69ms Script
text/javascript 142.250.181.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3406722122-widgets.js

Requested by

Host: www.headwayfx.com
URL: https://www.headwayfx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.233 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f9.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.headwayfx.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 01:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51305
x-xss-protection: 0
last-modified: Tue, 23 Jul 2024 14:42:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 24 Jul 2025 01:53:30 GMT

GET
H2

200

Primary Request signup Show response
hw.online/user/
Redirect Chain

https://headway.partners/user/signup?hwp=60f8fa
https://headway.work/user/signup?hwp=60f8fa
https://hw.online/user/signup?hwp=60f8fa

2 KB
1 KB

499ms
195ms

Document
text/html

2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hw.online/user/signup?hwp=60f8fa

Requested by

Host: www.headwayfx.com
URL: https://www.headwayfx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf6b413361336415f0b14b01563d4d7a99491d9f9984ca776685df86cc49179

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.headwayfx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8a8d7c054aab39c8-FRA
content-encoding: br
content-type: text/html
date: Thu, 25 Jul 2024 16:21:41 GMT
last-modified: Thu, 18 Jul 2024 13:36:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2ByEp1Y%2FQQ74lqcmO8Am1bJJJos9CBqjvuwvfJEIXWLa9iyTskr2w82tp9%2FLhsqcQEws9blLRHwhuBSOU8QetObnMBtm5ZD1bKcW8jg399wjHqWtMSccqTuBGCZqpwYrllFlq%2FEmOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 8a8d7c02bfe31e4d-FRA
content-length: 0
date: Thu, 25 Jul 2024 16:21:40 GMT
location: https://hw.online/user/signup?hwp=60f8fa
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iwi4OkEqhb0%2Bs1mZ6Aa3pMnRy7Q5qRI3%2FQOrIMDalIAyLWkQEJlvRlL4RNHnI6KmmoWph9IPgcLgAOJ7sQS2uAwBx8l0wpn%2B%2B5qAiwNAIcIakK0iHPIZh1v1ln%2FCA3k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 main.7d99c409.js Show response
hw.online/static/js/ 4 MB
984 KB 267ms
267ms Script
application/javascript 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hw.online/static/js/main.7d99c409.js

Requested by

Host: hw.online
URL: https://hw.online/user/signup?hwp=60f8fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

609b32d117eac8db1c3eaabdebdcd9bcad297c4f17ad55d5ff563d389086a0fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hw.online/user/signup?hwp=60f8fa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 18 Jul 2024 13:36:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66991a75-3abc47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ct5uTbBNdpJkpAyYelVqiA5gRaxe%2Fz0M%2Bbulpv7tQWxaL1w5VYkY1M8hU4wHlWb%2Fe8lJ%2BENiZ%2FA7XeYuyPNj0Od%2FL71oOrL%2FLnObR3E2lYjVcsJYjbaPcp1MWX5HvOnkofDbPBx9xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8a8d7c0c0b8539c8-FRA

GET
H2 200 main.c35a99a5.css
hw.online/static/css/ 81 KB
16 KB 65ms
65ms Stylesheet
text/css 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hw.online/static/css/main.c35a99a5.css

Requested by

Host: hw.online
URL: https://hw.online/user/signup?hwp=60f8fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9e6ef1db738ef4d3938b0c752b896dbdfe815aba73a5c6cce03081c42b9cc49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hw.online/user/signup?hwp=60f8fa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2024 13:36:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6132
etag: W/"66991a75-142bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fdyP1JhCb%2Bn8K5%2BRrsuhYwp1QZTvpD3tZ8e8vqDTrz45WAhysIBs%2FBOSbKQ6vQ6S7qagqCHErBSdkRJ%2FiP3KBUlxeykFp%2FtWBBFHkJLb1iIVs53O86DVYcThHdLdKvFhyN2QKqRTdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8a8d7c0c0b8939c8-FRA

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 257ms
101ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: hw.online
URL: https://hw.online/user/signup?hwp=60f8fa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://hw.online/
Origin: https://hw.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:43 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8a8d7c0f7d2c1c3c-FRA

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 1167ms
312ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=84faf6b6-64bf-41ed-ad24-ace5a7992428

Requested by

Host: hw.online
URL: https://hw.online/static/js/main.7d99c409.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:44 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1SNRDKSERGJV6VMK
age: 36
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: uO6OXeT10Ei8gvkgOYk8GqfEKBgU7iMX4A03NuTET0/d9Yb+OS6Oh3/QHx2K65hZcFaRBXdx7thPR5P7i7nBPQ==
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5p3yabbTC3XDAJIrJ1itK54mPNlR3wV1UhWanP4qfTAgJMzePc08iFg6hDcjSGvV5e%2FQ4uhmqDcBEFjnNtjU%2BKl9owk4ntiqNqeDzYGRLtJXKoQBQWp%2B%2BBaf%2FeRmGXjFAdeAFjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 8a8d7c1b2df9c3fe-WAW
access-control-allow-headers: *

POST
H2 204 rum Show response
hw.online/cdn-cgi/ 0
201 B 148ms
67ms XHR
text/plain 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hw.online/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hw.online/user/signup?hwp=60f8fa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Thu, 25 Jul 2024 16:21:44 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://hw.online
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8a8d7c1628fb39c8-FRA

GET
H2 200 client Show response
accounts.google.com/gsi/ 221 KB
84 KB 1101ms
317ms Script
application/javascript 2a00:1450:400c:c1f::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: hw.online
URL: https://hw.online/static/js/main.7d99c409.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1f::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e9a7a568120407de68ec39c08bb9a1e6b7df89dd356e26c13056fdf6da3d07e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HfcQNLYY7e1OjXej35-SNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-HfcQNLYY7e1OjXej35-SNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 25 Jul 2024 16:21:44 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 568ms
75ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: hw.online
URL: https://hw.online/static/js/main.7d99c409.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

db1742900a166ba97488a95c78b1b91897ff9f36edd445a06d90bd6856070dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 Jul 2024 16:21:44 GMT
content-md5: EBXLMhUxlY1ZcJy9tw1PSw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=12, mss=1297, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: pIFj0v9yDHdCwaG2LEFbbkJY8J6vpoTXgWfrc3zlROA/ndM8sM20tInB/gDgbbkkfKSPEOxnnZFUyA5+ioT7Xg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 185a6bd0e593a0a8d33ee341c7185655
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "063a2f35ada59b8cbf98228817185fff"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 25 Jul 2024 16:33:03 GMT

GET
H2 401 user Show response
hw.online/api/user/v1/ 58 B
378 B 135ms
125ms XHR
application/json 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hw.online/api/user/v1/user

Requested by

Host: hw.online
URL: https://hw.online/static/js/main.7d99c409.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

158ab92279405245c18c50a69fe759741669d167fb2fb237b8276c3f1859cc8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

X-Application-Web-Version: v1.3.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
X-Application-Product: headway
X-User-Language: en
Accept: application/json, text/plain, */*
Referer: https://hw.online/user/signup?hwp=60f8fa
X-Application-Platform: web
X-Application-ID: 1
X-Analytics-Firebase-ID

Response headers

date: Thu, 25 Jul 2024 16:21:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BbWrOWYiHFkVvNrmlzT6c%2B6p9hOwFmIzSdIbYc4sKVzh5GzwRWzNjTz2sC3%2BdixjRihRTLvKTySIydmLnIkqF9ekLA5MHR%2Bq%2BjL1Zr3WX5jasq5lX3tOuONgTV%2BYsNhITo4gPDor9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-robots-tag: noindex, nofollow
cf-ray: 8a8d7c16392639c8-FRA
content-length: 58

PATCH
H2 403 refresh Show response
hw.online/api/auth/v1/login/ 74 B
349 B 92ms
90ms XHR
application/json 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hw.online/api/auth/v1/login/refresh

Requested by

Host: hw.online
URL: https://hw.online/static/js/main.7d99c409.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc464059f964f3869b102601f4c28082824a398d9dc569804ace7c666bbd086d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

X-Application-Web-Version: v1.3.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
X-Application-Product: headway
X-User-Language: en
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://hw.online/user/signup?hwp=60f8fa
X-Application-Platform: web
X-Application-ID: 1
X-Analytics-Firebase-ID

Response headers

date: Thu, 25 Jul 2024 16:21:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Wy7tLlKn3KfYoIdbXj9GJtUCXw1GTBY9T3k1qVzs%2FwXWw14xmmj2SMs94SMg3yNqXdgKWxeqa9K%2FXseBu1zHxBa5kIOtR%2BlnLbdn7Uk0CYQ9GyWMINBBKNN1X%2FWJ7nX5w03aucLeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-robots-tag: noindex, nofollow
cf-ray: 8a8d7c181bcf39c8-FRA

GET
H2 200 favicon.svg
hw.online/ 756 B
922 B 114ms
114ms Other
image/svg+xml 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hw.online/favicon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c92bb04696b85d2652a638c73be66485556a34b4858c9389c8c388e4120d4061

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hw.online/user/signup?hwp=60f8fa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Jul 2024 13:47:39 GMT
server: cloudflare
etag: W/"66a2577b-2f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2BBw%2F2KYTAwGNS0IGrp355%2FhLN6M8TihuQEQRu8rJabRHlg83LU0OOz1kWuziGoaxx92gmBNQSb%2FMvyNazzUuD3HI8FSLK%2FiVuhV0oO4i3jAp4DTXCG4R%2FgiBmPI7f%2BAaK%2FaZEp3vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000, public, max-age=31536000
cf-ray: 8a8d7c181bd239c8-FRA
expires: Fri, 25 Jul 2025 16:21:44 GMT

GET
H2 401 user Show response
hw.online/api/user/v1/ 58 B
440 B 81ms
81ms XHR
application/json 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hw.online/api/user/v1/user

Requested by

Host: hw.online
URL: https://hw.online/static/js/main.7d99c409.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

158ab92279405245c18c50a69fe759741669d167fb2fb237b8276c3f1859cc8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

X-Application-Web-Version: v1.3.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
X-Application-Product: headway
X-User-Language: en
Accept: application/json, text/plain, */*
Referer: https://hw.online/user/signup?hwp=60f8fa
X-Application-Platform: web
X-Application-ID: 1
X-Analytics-Firebase-ID

Response headers

date: Thu, 25 Jul 2024 16:21:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCnPE%2FjZ8LlsM%2BgYYn%2FEsvJ67qWP9rzRCMPeAb7rYwGGqmRKyxViqoBHynbnCNrR7YRK3j0GLgxO043pFk9qJN5NXAf%2BTPLBBG165szLC9VDJP9RMOyiJqwVQ88VUMrlqU%2Fb824DjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-robots-tag: noindex, nofollow
cf-ray: 8a8d7c18bc9139c8-FRA
content-length: 58

GET
H2 200 check-registration-availability Show response
hw.online/api/auth/v1/ 34 B
347 B 331ms
291ms Fetch
application/json 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hw.online/api/auth/v1/check-registration-availability

Requested by

Host: hw.online
URL: https://hw.online/static/js/main.7d99c409.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

553def3b0a582fd7695ae1b3a0386c26dac19a5a4e3e2c280a92a72c25c642bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

x-application-web-version: v1.3.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
authorization: Bearer undefined
x-application-product: headway
x-user-language: en
Referer: https://hw.online/user/signup?hwp=60f8fa
x-application-platform: web
x-application-id: 1
x-analytics-firebase-id

Response headers

date: Thu, 25 Jul 2024 16:21:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARpgPH%2B0SG9UeBFUmMom8qFQOhWGHbpabJut5pU3K5RaG0ZfjACAzZZhYsqK7KvUcdwUG67HTxa5aRpFUN4IjOU1BCSDtCUftqxF%2FeaWe49DywDsIRQ9Kyu60V7mFH1EIGWVcPBFNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
grpc-metadata-content-type: application/grpc
x-robots-tag: noindex, nofollow
cf-ray: 8a8d7c1b3ff139c8-FRA
content-length: 34

GET
H2 200 socials Show response
hw.online/api/auth/v1/ 171 B
401 B 324ms
284ms Fetch
application/json 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hw.online/api/auth/v1/socials

Requested by

Host: hw.online
URL: https://hw.online/static/js/main.7d99c409.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66ed95778d1c5f871741d5a094443ae3bb2bd5476a8a5a638b18de2f724a17e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

x-application-web-version: v1.3.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
authorization: Bearer undefined
x-application-product: headway
x-user-language: en
Referer: https://hw.online/user/signup?hwp=60f8fa
x-application-platform: web
x-application-id: 1
x-analytics-firebase-id

Response headers

date: Thu, 25 Jul 2024 16:21:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMozDHIJk%2BbJbEsCwij96w2MxkP%2BgbvJtpN90QGRjMzrnWxApXgvuTSzqfuw5Gt1oZJ992rRIjqvW2smvrPe3BfivcwoC1RfXHlIWqihzUzms0ceFe0WCOho8rYSQZXg2GOcM3XxLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
grpc-metadata-content-type: application/grpc
x-robots-tag: noindex, nofollow
cf-ray: 8a8d7c1b3ff439c8-FRA

GET
H2 200 gtm.js Show response
g.hw.online/ 379 KB
120 KB 2000ms
1448ms Script
application/javascript 34.111.36.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.hw.online/gtm.js?id=GTM-TK9ZP3R
Requested by: Host: www.headwayfx.com
URL: https://www.headwayfx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.36.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.36.111.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 56a261c8dd812b456da58e57314603171f15971a4050bd5041362e7e5ae1b5fc

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:46 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 25 Jul 2024 15:00:00 GMT
server: Google Frontend
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jul 2024 16:35:47 GMT

GET
H2 200 logo.3831b12adbfbf7206b368f87c7e9d4b3.svg
hw.online/static/media/ 2 KB
1 KB 328ms
288ms Image
image/svg+xml 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hw.online/static/media/logo.3831b12adbfbf7206b368f87c7e9d4b3.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

280107840cdac613d9e200f09e553fe690d346e5038629e56fbb2d7cfce3bf94

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hw.online/user/signup?hwp=60f8fa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 18 Jul 2024 13:36:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66991a75-864"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2FBhz%2F6ifIEdGe8d6VIvnt4IOCAvpSzVtrfxjNn9kz6FcCFhkJ2LGyYEnfkZghUz1oe8rMiI36QczkJbRafoLPzAptD797j0tRzvmk4xzFihI1rtnYjD7O2IfTWpZwnvbIs631lzYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8a8d7c1b3ff639c8-FRA

GET
H2 200 englishFlag.054148b2b714bae93b5e.webp
hw.online/static/media/ 1 KB
1 KB 314ms
274ms Image
image/webp 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hw.online/static/media/englishFlag.054148b2b714bae93b5e.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de2e7cc9322c6ef3e4e5a8e2fc19f9ba1eb306169408bcf047c57af0a86e52f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hw.online/user/signup?hwp=60f8fa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2024 13:36:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6132
etag: "66991a75-41a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e1twh12BITjESJMCBKR%2FShES90pxTo0AxE61GRNqq4dSAZSrfhVH9EMClpoisFFscmsfXjQeN5Q81HVGPLupaxN8MpNRVG3LED4Konw%2Fn%2FIVHct2kg%2BPILOe%2Bvj4fwTCIImz1k2PJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 8a8d7c1b3ff739c8-FRA
content-length: 1050

GET
H2 200 Satoshi-Medium.1ffe968245568e8ba1e7.woff2
hw.online/static/media/ 25 KB
25 KB 293ms
263ms Font
font/woff2 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hw.online/static/media/Satoshi-Medium.1ffe968245568e8ba1e7.woff2

Requested by

Host: hw.online
URL: https://hw.online/static/css/main.c35a99a5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af02a72246f53ad49c44a591921edbd39ec8258a03d8cc2e0532aa1e497e85b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hw.online/static/css/main.c35a99a5.css
Origin: https://hw.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2024 13:36:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3126
etag: "66991a75-63fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r8N2yoWWjrgeCty2SdQFyVkMkIhnU8%2FlWeWVr4ICcsNsryZPrF4XmEGuT4zaxGgzp6jegBnvnSlaVhvLsdRTRZG50KkoaNzqNWZ1eFKl%2B69cioSp6WUOu%2FBeLnw8AquJiWiElGFABw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
accept-ranges: bytes
cf-ray: 8a8d7c1b682739c8-FRA
content-length: 25596

GET
H2 200 Satoshi-Regular.ca3da5fd2b609836ef69.woff
hw.online/static/media/ 32 KB
33 KB 290ms
260ms Font
font/woff 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hw.online/static/media/Satoshi-Regular.ca3da5fd2b609836ef69.woff

Requested by

Host: hw.online
URL: https://hw.online/static/css/main.c35a99a5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fbc41c98039b8f79ef0c037616a24d619e6b33f5a833c6f416816d7b493ccad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hw.online/static/css/main.c35a99a5.css
Origin: https://hw.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2024 13:36:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3125
etag: "66991a75-8100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6nGvJKIoyrROhGNbggtvOqGIBfSp50wRe6aCjaldJM5ByCucwkOZkrv1tN1MLnf2XjeqNwh8fzNTxF%2B2PZrSefJ68iUBM5fSmj30pHkzxgD6rj8RjFEThITmbHj2ApC0IXqPXRPThw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
accept-ranges: bytes
cf-ray: 8a8d7c1b682a39c8-FRA
content-length: 33024

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
87 KB 298ms
242ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ba39f12c7ab0471e27a3ba1b4b523586

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

da1e908edb415a1e902e01f3ce3186cf2c8819e336dc9f95f2e354978803547d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hw.online/
Origin: https://hw.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 Jul 2024 16:21:44 GMT
content-md5: Z6bBgbxADiAZ1c9JPMDkXg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89060
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=23, mss=1232, tbw=4314, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: DbWnsEVa4WdAbZOA/84IMIVm5PsI07A4k1uEcRCdM+9zSoeaLEnTPJQkaj/H6uFbjNNgV/QNWq2DbDB9iQMAVA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 36ca782e547b3d733d09c5c878b997e7
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "0e214a18b1bf85240850c566d1ed7f83"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 25 Jul 2025 14:48:31 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
984 B 192ms
63ms Script
text/javascript 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: hw.online
URL: https://hw.online/static/js/main.7d99c409.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

GSE /

Resource Hash

7ae7b081bd8b62c62065dd8e391a33ea0d5cd0a881fb530104eccd77fd4edb82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 25 Jul 2024 16:21:45 GMT

GET
H2 200 google.2b10688870a696ca5335f73ad8d71e26.svg
hw.online/static/media/ 1 KB
810 B 135ms
49ms Image
image/svg+xml 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hw.online/static/media/google.2b10688870a696ca5335f73ad8d71e26.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d16d53e5cb0f10b2c093220abb681d0a8c3ad48ce85001fa97b9761dbf8c4bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hw.online/user/signup?hwp=60f8fa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2024 13:36:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3510
etag: W/"66991a75-42d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ItIIuG9PNsvd%2BfXeJEuTtVgSNsE1QqzPZQkcNCf%2BhU6n2AlyBIv%2F3E7QX6gGGqkG%2BNkADjzVhEg5LoKzNeYlEeH%2BpqNQP6p3IwjIWhdLHzt4QHMFduLlWh%2BNXkl0th%2FW3FalP1DGVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8a8d7c1e5c5839c8-FRA

GET
H2 200 facebook.3804c7c5bbd456dba82286a3c296c725.svg
hw.online/static/media/ 543 B
718 B 137ms
51ms Image
image/svg+xml 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hw.online/static/media/facebook.3804c7c5bbd456dba82286a3c296c725.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e56bb98cd564a41113f4988a30273101bfbabaf0dd4b6d6c6c38d12ef2c6faad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hw.online/user/signup?hwp=60f8fa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2024 13:36:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3126
etag: W/"66991a75-21f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=skEfaA3pQAAC7EE6i13F8U9LHVRYSfcSysHv9aDt6dss19nTEk%2F9OB3Ydz503a6I7cYn6jd%2Bp9uEw44NdCmzOpD9qOb8BlNc7lEPDb10XMq3AaGb56NR2U9yRy6OygXuQJnD9d7GEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 8a8d7c1e5c5639c8-FRA

GET
H2 200 84faf6b6-64bf-41ed-ad24-ace5a7992428 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 535ms
285ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/84faf6b6-64bf-41ed-ad24-ace5a7992428

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=84faf6b6-64bf-41ed-ad24-ace5a7992428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe17482480adb672fb81bbca989c04fc98daa45257f780c45073a1da5b060c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:45 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8a7a776c5f9813b4-SEA, 8a7a776c5f9813b4-SEA, 8a7a776c5f9813b4-SEA
x-runtime: 0.003842
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"fe17482480adb672fb81bbca989c04fc"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TnrOkjnJWIlrD6gfuXGkkCMFpoRBlLJ2I1Ttp5SD3EqcLuXkXedJu1%2FytqdQQD7sAW5mPcSalkoyPIPWCjxNBmogC0qc09Aeh6oRjmZpCNjxYA9dXgXaCdAKxXeS8rIcTxU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes, yes
cf-ray: 8a8d7c1ff881bbe7-WAW

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/ 533 KB
213 KB 201ms
58ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19df4102c07ecfc86052b3ba527e800df1b34fff4b23a7cde8268f6de0729e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hw.online/
Origin: https://hw.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 10:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216982
x-xss-protection: 0
last-modified: Mon, 22 Jul 2024 21:52:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Jul 2025 10:56:38 GMT

GET
H2 200 web-widget-main-93ae424.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 53A1 466 KB
143 KB 130ms
129ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-93ae424.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=84faf6b6-64bf-41ed-ad24-ace5a7992428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205f1682642cb7796ac7c8fdb2504e344a87bc2fbe593013061f91e08883bf8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:45 GMT
x-amz-version-id: OROEy3dtcl6lvMGH5bCyRlXTxgqJSF.j
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5Z3XMRQ9H4EKYFCJ
age: 199454
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: BfdNOlry2myFVJXrSqgQO9g/0WInduVq0xo3zhHbSWGOzXre+ABC5wtZe0mV3gDTEKPViw0oB6hQpYyHLze75A==
last-modified: Wed, 17 Jul 2024 12:19:22 GMT
server: cloudflare
etag: W/"97bd3a830abf8f8441faaedcf227e144"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rIGJhyVExz5F2oKRIlncOvytmFtOnSJRr4tP5QWrDkV6UrKzy7xlqKQzhXh9TtDHbWRkt5cs66TujVEwUg22t%2BVKKQ7GmqfgI%2F%2BQX5bSNF8Ni9Euo1qDQIHJf1U6Ks2Q14c3FPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8a8d7c21dfbcc3fe-WAW
access-control-allow-headers: *
expires: Thu, 17 Jul 2025 12:19:21 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame E35C 0
0 260ms
80ms Document
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxGeUpAAAAAIIXzVeQtXDWBo3BpndFWlNef04q&co=aHR0cHM6Ly9ody5vbmxpbmU6NDQz&hl=de&type=image&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&theme=light&size=invisible&badge=bottomright&cb=jmng6isxlwmu

Requested by

Host: hw.online
URL: https://hw.online/static/js/main.7d99c409.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jtRD3yd6xMvwUKybKRkUgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hw.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jtRD3yd6xMvwUKybKRkUgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 16:21:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 2505 0
0 269ms
95ms Document
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hw.online
URL: https://hw.online/static/js/main.7d99c409.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w47qCUZyVkb-FaV8ZWjCMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hw.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-w47qCUZyVkb-FaV8ZWjCMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 16:21:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 en-us-json-93ae424.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 53A1 20 KB
4 KB 96ms
91ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-93ae424.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-93ae424.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9af7421e077845c74da7b6680dc98188286382796e4bda60fedfd4a20c15ca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:46 GMT
x-amz-version-id: PQREoO36PQ3ZSoNILD0N3gViZtlQUCdX
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5Z3VEEMWHS91XH0J
age: 199453
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: GJA8eNsrYXf0J3Y07wzjE6gU9hQF1dsxc5ZTIWNcJCQi4Q1XEUHETRAzWIfxGid/Jd1ACGyW33GcVMo0KkNO9hYkN5rvi6gC
last-modified: Wed, 17 Jul 2024 12:19:23 GMT
server: cloudflare
etag: W/"166eb94e079b33ab287e115910c911f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=51pmS11LYUkAWFpbvyLzl335d5lqCbg3%2Bw2%2BOZeuOYdwDLRusQZ6QBEdh2sK%2BfrW066jpFkztSPIBIW46Hmb8GBCE5pJUwGUlXY030ojbKz%2BGP7zuCDdjyl2bNFOwzQ4nK0ygTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8a8d7c255ca5c3fe-WAW
access-control-allow-headers: *
expires: Thu, 17 Jul 2025 12:19:22 GMT

GET
H2 200 web-widget-4852-93ae424.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 53A1 139 KB
47 KB 99ms
94ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-93ae424.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-93ae424.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:46 GMT
x-amz-version-id: K8PaHChB2JGOcFU37wyjNZ2s5Z93umcc
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5Z3RGQFHZBCX5FHV
age: 199455
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: +K96mCtFxH+1wLi1O1GgMMTi2jRVwZPfnM0K5MqGnhq0SBY+q6MXz/7VmFWFQiUX3d7+M7WBnrtupbONjzr1og==
last-modified: Wed, 17 Jul 2024 12:19:21 GMT
server: cloudflare
etag: W/"40fb729956c4a956df4256614af4b393"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8EuogWtDbDITX9IrnAmlkUDz9Z2F9n2tyKnVcI%2Bv4pmMib7IP3NlDMHThLuMqrpJHTc6uMVi%2FWCxRth4Wc3jcQL7PxJerSFDXpXZlLFO1tjXbv1vglru6nkGX4t61uzF2x5K9A4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8a8d7c255ca8c3fe-WAW
access-control-allow-headers: *
expires: Thu, 17 Jul 2025 12:19:20 GMT

GET
H2 200 web-widget-9527-93ae424.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 53A1 29 KB
11 KB 95ms
87ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9527-93ae424.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-93ae424.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:46 GMT
x-amz-version-id: sEPk.FvKdUe7R0G39mXdFyGmAsljnFy7
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5Z3NN7276QXN6HST
age: 199455
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: VEkKc/kyMsfBKnevDDkaBorILvE0FlhxRgWbGAk4wFX0+MybOVKnMGuP0Rn2hkMYtoCqxbEv/8XKCZiXSh91HRwCpw7MeGGB
last-modified: Wed, 17 Jul 2024 12:19:22 GMT
server: cloudflare
etag: W/"083d4fe56f4013855997ad6d21392f69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8EgDCVhlU3AakysqJ%2B5HHMNR47RaY9q%2Fr4BXRYdm1klOCbMK3TMiInq84riDJLaqsns1O5BXvq%2BPL%2BzdcqUHVPsVSzOMETyNLdYT2Sa6yGMyn6AfNvWBg5bAAwhVLv8h6yEIUxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8a8d7c256cbec3fe-WAW
access-control-allow-headers: *
expires: Thu, 17 Jul 2025 12:19:21 GMT

GET
H2 200 web-widget-2306-93ae424.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 53A1 14 KB
4 KB 128ms
121ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-2306-93ae424.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-93ae424.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

309396248d4758b65fceea868346c894ba6a296564e50c9d9c881f671d476d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:46 GMT
x-amz-version-id: pHCNPBp1.UBP.GyYX_5weDrrL1V8h.67
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5Z3W7THNQAXTYDZR
age: 199455
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: mc5Q0jkB29zDxg01K12Q4kyQu5sozZnqmOObgR55AMcuY9QNz5Zoce85WdcluWIPAtR5poRuOcWrRKKi4spqnw==
last-modified: Wed, 17 Jul 2024 12:19:21 GMT
server: cloudflare
etag: W/"bc05cb480436ceab94aeaa3577e243b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0H3JO8GZyaaqBbb6lVjoWowxsOtrTjfpJ6Wk%2FbuzjlINEOXG95UErzaMOX%2FgeBzemKCQhxyXuUd2rBO8h0rtcxUPo8Tr9lke4A99XIFVGf4eijt9RWyFyCiPTU5Kt8rI6wb0V7s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8a8d7c256cc1c3fe-WAW
access-control-allow-headers: *
expires: Thu, 17 Jul 2025 12:19:20 GMT

GET
H2 200 web-widget-198-93ae424.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 53A1 10 KB
4 KB 89ms
86ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-198-93ae424.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-93ae424.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fff28994d2b54d9ec720dfee461b74b75988d530316a673e5b3fc425ef482bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:46 GMT
x-amz-version-id: u4vD.zl9X6zPIxOLNhNlbAn_WxdIn2AL
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5Z3VR4N5TYGYTAPD
age: 199455
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: PAdf2+rmmR+eHrDEMtUAtJzTx6nFmZ/ntGvK7I6Jjl4WTPF2eqCJXd5/3nD+8AxPXRX075/Y4kf/y5ZXMf64Ry1FeaoElG/c
last-modified: Wed, 17 Jul 2024 12:19:21 GMT
server: cloudflare
etag: W/"45512e4a121bcf0f0f725c4f3d6ea684"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=59xQj4%2F39axTqfczoDQJgW%2FF5uj9iu57cpqr2XFbaDaVlqv%2FJ%2BVbCLUeKtPGiyFatkcbV8w%2F9xqVc9%2B2bQYiDviIvJPSZR%2BP2RRGJJxYbl8aNeygSWjEmwcUJCyahvCBARJSGfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8a8d7c256cc3c3fe-WAW
access-control-allow-headers: *
expires: Thu, 17 Jul 2025 12:19:20 GMT

GET
H2 200 web-widget-3287-93ae424.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 53A1 17 KB
7 KB 81ms
80ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-3287-93ae424.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-93ae424.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15214068da53e58e0c2cb0389d12311b478c679256a033f4353260ef59991c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:46 GMT
x-amz-version-id: 9XbI_Fzm8ZKaT_B8igsXSj3d1oVhtGHR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5Z3Z4NAZTHPHM66M
age: 199455
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: VHUMMOg5EZBjiSWwiZoMlPRWbGn2xRhc0ONGcMOJjxc0fJCzPJWcyCVEuTSWipXw3YQ8fseYNSvnOLBlIyrRriiiUcWkE5tZ
last-modified: Wed, 17 Jul 2024 12:19:21 GMT
server: cloudflare
etag: W/"3ed5d9012de2c3ed63142b1cc8c89107"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IW4MoTEJyaMWinBLPBPLXUo7MGj4jUGlt3551bggF2bv3NL3e8FLxj%2FPsVitLYy5LzYpYHMYfw1zIOvEXVLlbl7hVu7sdisOHfwjknCCPBI6cRPQ0XLja7E6JAYFqgzfpbqrXsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8a8d7c256cc6c3fe-WAW
access-control-allow-headers: *
expires: Thu, 17 Jul 2025 12:19:20 GMT

POST
H2 200 pv
carehw.zendesk.com/frontendevents/ Frame 53A1 0
0 203ms
108ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carehw.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-93ae424.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Jul 2024 16:21:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KrnTRzTRClnf8QkzasvBUrfJlTkH8k2FZ3vHpUDP1loJprwmpmwZxmXZsU5ckt1HUJ69euZMgsoi%2B0CTu556x4msQRHza3sJmfdFwOUVbxNKmFWXwSsRTcM0DyDoFGqWFy1hcA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8a8d7c29ad75c077-WAW
content-length: 0
x-request-id: 8a8d7c29ad75c077-WAW

GET
H2 200 config Show response
carehw.zendesk.com/embeddable/ Frame 53A1 814 B
1 KB 475ms
126ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carehw.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-93ae424.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 209357c9e4eaf2fa3e5ac83dad257bb19c44329210a5484a57d6d947151a47b9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:47 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-596b8fcbc9-ddv4r
x-cached: MISS
x-request-id: 8a8d7c289bdfc077-WAW
x-runtime: 0.002104
last-modified: Thu, 25 Jul 2024 16:21:47 GMT
server: cloudflare
x-zendesk-zorg: yes
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=acbIr%2BFnUS8MWbHaDE68gX8e7Agk%2FY9K0YfaElV3P8yBo1dv4F3apVHanTebhKEYwPBknpsBlozvKnIXlo%2FGI%2BFbWt9gNNsSBQdlNBXAKmyOxn91Q09NG82J0PXzqeNS6zZKKw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 8a8d7c289bdfc077-WAW

OPTIONS
H2 204 pv
carehw.zendesk.com/frontendevents/ Frame 0
0 474ms
125ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carehw.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hw.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8a8d7c289be0c077-WAW
date: Thu, 25 Jul 2024 16:21:47 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vqsdDRdNTXvMKQVXIKNfsG42ZsRt5vyoNOaLD9lfv4E%2B7SKZxqRM3zc0hblKsfClMMaWOLOSwpduJYy9ALiOpUz7We%2FS%2BYz583ijS3URrNXUURYbCCLEI1wUWQRZtJ5Yx4ocLg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 8a8d7c289be0c077-WAW
x-zendesk-zorg: yes

GET
H2 200 js
g.hw.online/gtag/ 303 KB
0 1386ms
1385ms Script
application/javascript 34.111.36.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.hw.online/gtag/js?id=G-N81HJ9CQNJ&l=dataLayer&cx=c&sign=383ff024a829e6695be6e9796f7a524f53d95074973601cfacb872bff46bab1a_20240725
Requested by: Host: g.hw.online
URL: https://g.hw.online/gtm.js?id=GTM-TK9ZP3R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.36.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.36.111.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:49 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jul 2024 16:36:47 GMT

GET
H3 200 js Show response
g.hw.online/gtag/ 211 KB
75 KB 1378ms
1375ms Script
application/javascript 34.111.36.66
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.hw.online/gtag/js?id=DC-14148640&l=dataLayer&cx=c&sign=383ff024a829e6695be6e9796f7a524f53d95074973601cfacb872bff46bab1a_20240725
Requested by: Host: g.hw.online
URL: https://g.hw.online/gtm.js?id=GTM-TK9ZP3R
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.36.66 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 66.36.111.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: cef20028ec8370c9072c808fe9e50dcaa2bed57da71ef9b52dc843fd3348804e

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:49 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 25 Jul 2024 15:00:00 GMT
server: Google Frontend
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jul 2024 16:36:11 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@4.2.2/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@4.2.2/dist/web-vitals.iife.js

7 KB
3 KB

148ms
148ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@4.2.2/dist/web-vitals.iife.js

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e6b3272816c9b6efeb0b3ccc16326c123d9860f38d7c7c4fc215334559996e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:48 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 684114
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J30YR64S738N00GM2VN9722J-fra
server: cloudflare
etag: "1c28-4f+2/GWZhXlozjo2GiBA+7VB9Ow"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a8d7c30a8ad65b9-FRA

Redirect headers

date: Thu, 25 Jul 2024 16:21:48 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J3NB01NZ2ZDRD0VPE2DB357X-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 185
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@4.2.2/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8a8d7c2fcf9565b9-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
58 KB 54ms
53ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: g.hw.online
URL: https://g.hw.online/gtm.js?id=GTM-TK9ZP3R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 25 Jul 2024 16:21:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=20, mss=1297, tbw=6621, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 6XlnBHxTMhFLfZwSyITiHhyPBSjy5EjhyxR70kfG+QugokcY372r07CSMwTkK4v7Fg7Qhxr1gAheV2qFOFbaWA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 l0lp36tik1 Show response
www.clarity.ms/tag/ 638 B
1003 B 423ms
175ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/l0lp36tik1?ref=gtm
Requested by: Host: g.hw.online
URL: https://g.hw.online/gtm.js?id=GTM-TK9ZP3R
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a7d6ecb604739558e21696b06e5af27ea8e920c7f42572d73ada5b03416bbb9f

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Thu, 25 Jul 2024 16:21:48 GMT
x-azure-ref: 20240725T162148Z-16b8f8f97cfnrq4cz8chqytwuw00000003c000000000vy4q
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 638
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 211 KB
76 KB 340ms
148ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14148640&l=dataLayer&cx=c&sign=383ff024a829e6695be6e9796f7a524f53d95074973601cfacb872bff46bab1a_20240725

Requested by

Host: g.hw.online
URL: https://g.hw.online/gtm.js?id=GTM-TK9ZP3R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

209ea2b6a8f66a78afd50afee37d0a43e97e104873031a60080405e27632749a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77631
x-xss-protection: 0
last-modified: Thu, 25 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Jul 2024 16:21:48 GMT

GET
H2 200 pushwoosh-web-notifications.js Show response
cdn.pushwoosh.com/webpush/v3/ 179 KB
34 KB 344ms
143ms Script
text/javascript 46.4.253.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Requested by: Host: g.hw.online
URL: https://g.hw.online/gtm.js?id=GTM-TK9ZP3R
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.4.253.88 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.253.4.46.clients.your-server.de
Software: nginx /
Resource Hash: 0c18bcaa99b97a6850450f677b1606bbdcbcd04df34f5a64862f2fbfc35eebe0

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Thu, 25 Jul 2024 16:21:48 GMT
content-encoding: gzip
x-cache-status: HIT
x-amz-storage-class: STANDARD
last-modified: Mon, 24 Jun 2024 10:37:11 GMT
server: nginx
etag: W/"6e0b2f4d70a9802985f0b7d7ae9ee8bf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: text/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=86400, public
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
expires: Fri, 26 Jul 2024 16:21:48 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 376ms
183ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.headwayfx.com
URL: https://www.headwayfx.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 25 Jul 2024 16:21:47 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8C636182113A4026A6FBFA9A757D3514 Ref B: FRA31EDGE0521 Ref C: 2024-07-25T16:21:48Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H3 200 199239796161551 Show response
connect.facebook.net/signals/config/ 71 KB
15 KB 151ms
150ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/199239796161551?v=2.9.162&r=stable&domain=hw.online&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

e5e03665240d525ed4d82dbfe58c0f4535c17d7ab25bf43626270d07bdbf63c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 25 Jul 2024 16:21:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=23, mss=1232, tbw=4312, tp=9, tpl=0, uplat=108, ullat=0
pragma: public
x-fb-debug: 9+S3faTNW+pns9zLgL+wUpIC5kB4MDZOeOS43Secl+fhUy90Mmh0DtpLziaKHmezaUiFLw+ucNe7iITcoPWy6A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

dc_pre=CIOlsdXMwocDFSBrkQUdD942IQ;src=14148640;type=web_c0;cat=visit0;ord=5312378740515;npa=0;auiddc=*;ps=1;pcor=2074041170;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=14148640;type=web_c0;cat=visit0;ord=5312378740515;npa=0;auiddc=301155233.1721924509;ps=1;pcor=2074041170;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=...
https://ad.doubleclick.net/activity;dc_pre=CIOlsdXMwocDFSBrkQUdD942IQ;src=14148640;type=web_c0;cat=visit0;ord=5312378740515;npa=0;auiddc=301155233.1721924509;ps=1;pcor=2074041170;uaa=;uab=;uafvl=;u...
https://adservice.google.com/ddm/fls/z/dc_pre=CIOlsdXMwocDFSBrkQUdD942IQ;src=14148640;type=web_c0;cat=visit0;ord=5312378740515;npa=0;auiddc=*;ps=1;pcor=2074041170;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...

42 B
63 B

183ms
76ms

Image
image/gif

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIOlsdXMwocDFSBrkQUdD942IQ;src=14148640;type=web_c0;cat=visit0;ord=5312378740515;npa=0;auiddc=*;ps=1;pcor=2074041170;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47o0v9190772948z8898094293za201zb898094293;gcs=G111;gcd=13t3t3t2t5;dma_cps=syphamo;dma=1;tag_exp=95250752;epver=2;em=tv.*

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 16:21:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Jul 2024 16:21:48 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=CIOlsdXMwocDFSBrkQUdD942IQ;src=14148640;type=web_c0;cat=visit0;ord=5312378740515;npa=0;auiddc=*;ps=1;pcor=2074041170;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47o0v9190772948z8898094293za201zb898094293;gcs=G111;gcd=13t3t3t2t5;dma_cps=syphamo;dma=1;tag_exp=95250752;epver=2;em=tv.*
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activity;register_conversion=1;src=14148640;type=web_c0;cat=visit0;ord=5312378740515;npa=0;auiddc=301155233.1721924509;ps=1;pcor=2074041170;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi...
ad.doubleclick.net/ 0
23 B 153ms
78ms Image
image/png 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=14148640;type=web_c0;cat=visit0;ord=5312378740515;npa=0;auiddc=301155233.1721924509;ps=1;pcor=2074041170;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47o0v9190772948z8898094293za201zb898094293;gcs=G111;gcd=13t3t3t2t5;dma_cps=syphamo;dma=1;tag_exp=95250752;epver=2;em=tv.1?

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 16:21:48 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"8291468467371592620"}],"aggregatable_trigger_data":[{"filters":[{"14":["73783177"]}],"key_piece":"0xb03842b02529746c","source_keys":["12","13","14","15","16","17","18","19","20","21","628822296","628822297","628822298","628822299","634946968","634946969","634946970","634946971","638132532","638132533","638132534","638132535","900137432","900137433","900137434","900137435"]},{"key_piece":"0xb96259f4bf2d8741","not_filters":{"14":["73783177"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628822296","628822297","628822298","628822299","634946968","634946969","634946970","634946971","638132532","638132533","638132534","638132535","900137432","900137433","900137434","900137435"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628822296":32,"628822297":32,"628822298":32,"628822299":3177,"634946968":655,"634946969":655,"634946970":655,"634946971":63569,"638132532":327,"638132533":327,"638132534":327,"638132535":31784,"900137432":327,"900137433":327,"900137434":327,"900137435":31784},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"14043297284381779654","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"8291468467371592620","filters":[{"14":["73783177"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"8291468467371592620","filters":[{"14":["73783177"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"8291468467371592620","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"8291468467371592620","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14148640"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame FFBB 0
0 62ms
60ms Document
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&k=6LdxGeUpAAAAAIIXzVeQtXDWBo3BpndFWlNef04q

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pm1SYCLRTB6aozzvkgQI1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hw.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-pm1SYCLRTB6aozzvkgQI1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 16:21:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.41/ 62 KB
26 KB 89ms
88ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.41/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/l0lp36tik1?ref=gtm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:48 GMT
content-encoding: br
last-modified: Wed, 24 Jul 2024 00:36:01 GMT
etag: W/"0x8DCAB7897E68837"
vary: Accept-Encoding
x-azure-ref: 20240725T162148Z-16b8f8f97cfnrq4cz8chqytwuw00000003c000000000vy73
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: d758b9a5-e01e-003c-7065-dd071c000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FDDB54EA7ACF47938FD312358A8CE151&RedC=c.clarity.ms&MXFR=3092CA431A3463FB0139DE841E346DBF
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FDDB54EA7ACF47938FD312358A8CE151&MUID=0C7F84BC0E13605E16CD907B0F986180

42 B
465 B

61ms
60ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FDDB54EA7ACF47938FD312358A8CE151&MUID=0C7F84BC0E13605E16CD907B0F986180
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 16:21:49 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Jul 2024 16:21:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 00A579A48B3B4B77AA7D39570D621724 Ref B: FRA31EDGE0521 Ref C: 2024-07-25T16:21:49Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FDDB54EA7ACF47938FD312358A8CE151&MUID=0C7F84BC0E13605E16CD907B0F986180
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 343031918.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 75ms
75ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343031918.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fa5b6b9808e273a0ce5cc642eeb69da7c8cb56c1a35208e5a6a7b58d545992b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 25 Jul 2024 16:21:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 615A254960B64369915856DDFBDF9D3A Ref B: FRA31EDGE0521 Ref C: 2024-07-25T16:21:48Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame C959 0
0 55ms
54ms Document
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&k=6LdxGeUpAAAAAIIXzVeQtXDWBo3BpndFWlNef04q

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s_EWB0sMHbjZVPyqsE9W5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hw.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-s_EWB0sMHbjZVPyqsE9W5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 16:21:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 127ms
41ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=199239796161551&ev=PageView&dl=https%3A%2F%2Fhw.online&rl=https%3A%2F%2Fwww.headwayfx.com&if=false&ts=1721924509212&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1721924509210.892433370939811850&pm=1&hrl=b85143&ler=other&cdl=API_unavailable&it=1721924508557&coo=false&eid=1721924508025&tm=1&cs_cc=1&cas=7615491855173774%2C8080168765345161%2C6947995425238215%2C24571149115831816%2C7438674442913858%2C8123254151019547%2C7936278166428487%2C7649542311765654%2C25094972416784626%2C8005329839480472%2C7567644299965176%2C7429262277187154%2C6824157664297042%2C7298416106884202%2C8144188432303035%2C6537082979723108%2C6572518686118447%2C5759612774140744%2C9693985923975460%2C6263808150375146&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 25 Jul 2024 16:21:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 263ms
178ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=199239796161551&ev=PageView&dl=https%3A%2F%2Fhw.online&rl=https%3A%2F%2Fwww.headwayfx.com&if=false&ts=1721924509212&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1721924509210.892433370939811850&pm=1&hrl=b85143&ler=other&cdl=API_unavailable&it=1721924508557&coo=false&eid=1721924508025&tm=1&cs_cc=1&cas=7615491855173774%2C8080168765345161%2C6947995425238215%2C24571149115831816%2C7438674442913858%2C8123254151019547%2C7936278166428487%2C7649542311765654%2C25094972416784626%2C8005329839480472%2C7567644299965176%2C7429262277187154%2C6824157664297042%2C7298416106884202%2C8144188432303035%2C6537082979723108%2C6572518686118447%2C5759612774140744%2C9693985923975460%2C6263808150375146&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 25 Jul 2024 16:21:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7395609452672056743", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=3089, tp=-1, tpl=-1, uplat=130, ullat=0
pragma: no-cache
x-fb-debug: hUP1Ak6cfzj8dGFGeo84CKsQJ6D2JXwJIIJmd6H4c0aw9DKYGhuzj0oSkc1NBrXL/eUJgQHPJ79bwBVBEHVjuA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7395609452672056743"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 343031918 Show response
www.clarity.ms/tag/uet/ 692 B
948 B 218ms
218ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/343031918?insights=1
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/343031918.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f5e701ffe1dbd4d645c306c41695dca86e2f4e35d1ea1dbc450990d21f991659

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Thu, 25 Jul 2024 16:21:49 GMT
x-azure-ref: 20240725T162149Z-16b8f8f97cfnrq4cz8chqytwuw00000003c000000000vy8u
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 692
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 204 0
bat.bing.com/action/ 0
282 B 107ms
107ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343031918&Ver=2&mid=27d8a741-a317-4e9e-bee7-6902fb2227e9&sid=fe8d39f04aa111efb6199f2d88a77d28&vid=fe8d6ec04aa111efa131a955573850f0&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Headway%20%E2%80%93%20your%20reliable%20broker%20for%20smart%20Forex%20trading&p=https%3A%2F%2Fhw.online%2Fuser%2Fsignup%3Fhwp%3D60f8fa&r=https%3A%2F%2Fwww.headwayfx.com%2F&lt=5232&evt=pageLoad&sv=1&cdb=AQAQ&rn=475319

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jul 2024 16:21:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4604D191934E4D7D82924AA20ED966F2 Ref B: FRA31EDGE0521 Ref C: 2024-07-25T16:21:49Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
273 B 551ms
283ms XHR
text/plain 4.153.72.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://hw.online
Date: Thu, 25 Jul 2024 16:21:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H2 200 getConfig Show response
cp.pushwoosh.com/json/1.3/ 891 B
1 KB 260ms
110ms Fetch
application/json 95.217.122.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/getConfig
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.4 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.4.122.217.95.clients.your-server.de
Software: nginx / pushwoosh/device-api
Resource Hash: ba793c979e72a17191e08d703d21688dce3b80825992e1dd1a096b431bce2191

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Jul 2024 16:21:49 GMT
x-pod-name: pushwoosh-device-api-68494964bb-fhwsd
content-encoding: gzip
x-pod-ip: 10.222.100.5
x-powered-by: pushwoosh/device-api
x-host-ip: 172.16.2.32
x-pod-namespace: pushwoosh
nginx-terminator-hash: a410335f60f8f772bb5422287feb83c5
server: nginx
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-host-name: r2-cl-14.r2h.nue
nginx-frontend-hash: 2f812aa5eba642d8715f2117e74b84da
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t6&tag_exp=0&rnd=263970978.1721924510&url=https%3A%2F%2Fhw.online%2Fuser%2Fsignup&dma_cps=syphamo&dma=1&npa=0&gtm=45de47o0v9190772948z8898...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t6&tag_exp=0&rnd=263970978.1721924510&url=https%3A%2F%2Fhw.online%2Fuser%2Fsignup&dma_cps=syphamo&dma=1&npa=0&gtm=45de47o0v91...

42 B
64 B

173ms
83ms

Ping
image/gif

142.250.185.162

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t6&tag_exp=0&rnd=263970978.1721924510&url=https%3A%2F%2Fhw.online%2Fuser%2Fsignup&dma_cps=syphamo&dma=1&npa=0&gtm=45de47o0v9190772948z8898094293za200zb898094293&auid=301155233.1721924509&frm=0

Protocol

Server

142.250.185.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 16:21:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Jul 2024 16:21:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t6&tag_exp=0&rnd=263970978.1721924510&url=https%3A%2F%2Fhw.online%2Fuser%2Fsignup&dma_cps=syphamo&dma=1&npa=0&gtm=45de47o0v9190772948z8898094293za200zb898094293&auid=301155233.1721924509&frm=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 postEvent Show response
cp.pushwoosh.com/json/1.3/ 57 B
505 B 131ms
128ms Fetch
application/json 95.217.122.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/postEvent
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.4 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.4.122.217.95.clients.your-server.de
Software: nginx /
Resource Hash: dc1826108658cb018ae83e4d4550a2d099c453467c35fb421fabac96d7042074

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Jul 2024 16:21:50 GMT
content-encoding: gzip
nginx-terminator-hash: a410335f60f8f772bb5422287feb83c5
server: nginx
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
nginx-frontend-hash: 2f812aa5eba642d8715f2117e74b84da
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

POST
H2 200 applicationOpen Show response
cp.pushwoosh.com/json/1.3/ 75 B
521 B 122ms
121ms Fetch
application/json 95.217.122.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/applicationOpen
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.4 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.4.122.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 4add3fe371639b40f8491b105b99a35050365ebbc41dac264d11c5ca29434b96

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Jul 2024 16:21:50 GMT
content-encoding: gzip
nginx-terminator-hash: a410335f60f8f772bb5422287feb83c5
server: nginx
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
nginx-frontend-hash: 21ee150abf6617b726f10875d767617e
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

POST
H2 200 setTags Show response
cp.pushwoosh.com/json/1.3/ 55 B
503 B 93ms
92ms Fetch
application/json 95.217.122.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/setTags
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.4 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.4.122.217.95.clients.your-server.de
Software: nginx /
Resource Hash: ac2909ff9672232dbccc39a6db9f317ad21464c99691a51d1bf5060b0e92a2ed

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Jul 2024 16:21:50 GMT
content-encoding: gzip
nginx-terminator-hash: a410335f60f8f772bb5422287feb83c5
server: nginx
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
nginx-frontend-hash: 93c3e451ac2c4f0079dda4bdc37f4fb3
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

GET
H2 200 manifest.json Show response
hw.online/ 1 KB
700 B 122ms
122ms Fetch
application/json 2606:4700:20::681a:48d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hw.online/manifest.json

Requested by

Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:48d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e8e1435acd23dc07ad95aa482466bfb3781895ba2254c26926a8d482dd9f795

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://hw.online/user/signup?hwp=60f8fa
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 25 Jul 2024 16:21:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Thu, 25 Jul 2024 13:47:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"66a2577c-47e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Q%2BRonqZujPAm69CfHeAAWRk%2FoiqgSal%2FDn2K0qwJYEu0zpzYq0aR1APnCRMSM9NtELF344jb%2FjAochfDac808vSeZDt4xbxXwbIwMezMCHyTrPTEt0vaFS7Cv38jxoo7rOsrcEaUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 8a8d7c3debc439c8-FRA

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
273 B 131ms
130ms XHR
text/plain 4.153.72.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://hw.online
Date: Thu, 25 Jul 2024 16:21:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H2 200 checkDevice Show response
cp.pushwoosh.com/json/1.3/ 92 B
535 B 103ms
101ms Fetch
application/json 95.217.122.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/checkDevice
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.4 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.4.122.217.95.clients.your-server.de
Software: nginx /
Resource Hash: 80a6cd3f4e27387856ab523ff4a8e61d6d247b5da25ceb888f6b726f1c59027b

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Jul 2024 16:21:51 GMT
content-encoding: gzip
nginx-terminator-hash: a410335f60f8f772bb5422287feb83c5
server: nginx
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
nginx-frontend-hash: a0ed8d1c9f716e68b7cf91b4329d5c17
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

POST
H2 200 getInboxMessages Show response
cp.pushwoosh.com/json/1.3/ 92 B
625 B 119ms
108ms Fetch
application/json 95.217.122.4
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.pushwoosh.com/json/1.3/getInboxMessages
Requested by: Host: cdn.pushwoosh.com
URL: https://cdn.pushwoosh.com/webpush/v3/pushwoosh-web-notifications.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.217.122.4 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.4.122.217.95.clients.your-server.de
Software: nginx / phpDaemon/1.0-beta3
Resource Hash: 66953ec36df0521f570c15ba683310ed68e95ddb31f41b9db9e4108e2db29423

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Jul 2024 16:21:51 GMT
x-pw-front-node: inbox-api-7f4749d7cb-8hs9x
content-encoding: gzip
nginx-terminator-hash: a410335f60f8f772bb5422287feb83c5
server: nginx
x-powered-by: phpDaemon/1.0-beta3
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
x-pw-cluster-node: inbox-api-7f4749d7cb-8hs9x
access-control-allow-credentials: true
nginx-frontend-hash: f4e1047223a1c22e544e27c104d82c13
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 50 KB
22 KB 356ms
80ms Script
application/javascript 2a02:2638:3::e

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=106279&a=106284&a=106277&a=106276&a=106285&a=104189&a=106736&a=103472&a=111766

Requested by

Host: g.hw.online
URL: https://g.hw.online/gtm.js?id=GTM-TK9ZP3R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

fa1a19a4afe4d73f077b1bf05056e84c1b7fdd8c967a6d1d01a8c1d2b0e3febb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2

200

sync Show response
gum.criteo.com/
Redirect Chain

https://gum.criteo.com/sync?c=746&r=2&a=1&j=crto_callback
https://gum.criteo.com/sync?s=1&c=746&r=2&a=1&j=crto_callback

75 B
527 B

134ms
82ms

Script
text/javascript

2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?s=1&c=746&r=2&a=1&j=crto_callback

Protocol

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

e5477fec983094919bd8a7cec3842691ca6df6d187d5ad64a1731309bc915637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 16:21:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1645786
expires: 60

Redirect headers

location: /sync?s=1&c=746&r=2&a=1&j=crto_callback
date: Thu, 25 Jul 2024 16:21:52 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1018707
content-length: 0

GET
H2 200 event
sslwidget.criteo.com/ 58 KB
7 KB 394ms
90ms Script
application/x-javascript 178.250.1.9

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=%5B106279%2C106284%2C106277%2C106276%2C106285%2C104189%2C106736%2C103472%2C111766%5D&v=5.26.1&otl=1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.headwayfx.com&p1=e%3Dvpg%26tms%3Dgtm-template&p2=e%3Dce%26m%3D%255B5e543256c480ac577d30f76f9120eb74%255D%26h%3Dmd5&p3=e%3Ddis&adce=1&sc=%7B%22fbp%22%3A%22fb.1.1721924509210.892433370939811850%22%7D&tld=hw.online&dy=1&fu=https%253A%252F%252Fhw.online%252Fuser%252Fsignup%253Fhwp%253D60f8fa&pu=https%253A%252F%252Fwww.headwayfx.com%252F&ceid=2681945a-97bb-4219-805e-2e2424724751

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=106279&a=106284&a=106277&a=106276&a=106285&a=104189&a=106736&a=103472&a=111766

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hw.online/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 16:21:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 45311935
timing-allow-origin: *
expires: 0

GET
H2 200 syncframe
gum.criteo.com/ Frame F788 0
0 173ms
1ms Document
text/html 2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=hw.online&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=106279&a=106284&a=106277&a=106276&a=106285&a=104189&a=106736&a=103472&a=111766

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hw.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 16:21:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 1028855
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET register-trigger
measurement-api.criteo.com/ 0
0

GET pixel
cm.g.doubleclick.net/ Frame 20F9 0
0

GET sync
x.bidswitch.net/ Frame 20F9 0
0

GET getuid
ib.adnxs.com/ Frame 20F9 0
0

GET /
rtb-csync.smartadserver.com/redir/ Frame 20F9 0
0

GET /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 20F9 0
0

GET sync
visitor.omnitagjs.com/visitor/ Frame 20F9 0
0

GET rum
r.casalemedia.com/ Frame 20F9 0
0

GET

ibs:dpid=28645&dpuuid=ULQwIvRYvsn7ydd53bXVv41HTQcbGTzA
dpm.demdex.net/ Frame 20F9
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ULQwIvRYvsn7ydd53bXVv41HTQcbGTzA

0
0

GET 9.gif
id5-sync.com/s/966/ Frame 20F9 0
0

GET match
ad.360yield.com/ Frame 20F9 0
0

GET sync
matching.ivitrack.com/ Frame 20F9 0
0

GET cksync.php
contextual.media.net/ Frame 20F9 0
0

GET push
exchange.mediavine.com/usersync/ Frame 20F9 0
0

GET 1017
jadserve.postrelease.com/suid/ Frame 20F9 0
0

GET cookie-sync
sync.outbrain.com/ Frame 20F9 0
0

GET Pug
simage2.pubmatic.com/AdServer/ Frame 20F9 0
0

GET tap.php
pixel.rubiconproject.com/ Frame 20F9 0
0

GET v1
match.sharethrough.com/sync/ Frame 20F9 0
0

GET um
criteo-sync.teads.tv/ Frame 20F9 0
0

GET sync
criteo-partners.tremorhub.com/ Frame 20F9 0
0

GET xuid
eb2.3lift.com/ Frame 20F9 0
0

GET m
ad.yieldlab.net/ Frame 20F9 0
0

GET sync
sync-criteo.ads.yieldmo.com/ Frame 20F9 0
0

GET put
e1.emxdgt.com/ Frame 20F9 0
0

GET k-HCLLfScLHenIdJX-VZ_sgTdFX14LNiMrtt3Qgw
sync.1rx.io/usersync/criteodsp/ Frame 20F9 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhb71NxFFaYPiCxNeJByJ1NOGvZOXX5EXKv-WuIQFdjUs-nKNlsA-RRmrtHcGQurHehrs6B9XJI6UR34cMCSSLXH8cL4Q45Q_6TZiLeJWFyJJb8U2fFCYResuHAuI7jv4Pz4Bx_jgC31PDC-hJLKH5aFFh77FA_JooC7kT6Zd7Pgy4yaWEYkY_j__FSRAM/s1600/05%20Energi.png

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirRejssu1JCXvnBGjLeE5zMe87IQfRMt8SmEe6_stLfCmTUl0Z6wFhbOAHCCYdeKOAJagBs3YmzAgBhtlGeQdmkwb6yKw87PWcdI-m4vgK5DyFjHGrjOXerGUOwEtxK0u9WKEl54CjU110hyphenhyphen4wsb8GLLXWoiUrpcp0aKWnOyIJGc7KfJivhIqE0Bf5tiI/s1600/06%20Instrumen%20digital.png

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-uYtLuPfEGImOPolhqZ1DKbueJQh1qUtHME11UxEXCEgxP5oZvz6wGMypOCYg4QrWXr9uU5FCwIV5xDE0MghzfRwLm6mfi4ZbNBYTxJp_33tWhI8xW772bUj9KeA_khVLAjnsAIDFW-Fsgbn-pGKyYczYO5ZSZb6cWtxLSGm_WAplAbPMFCBHahLhGQw/s16000/DEPO%20WD%20HW.png

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvGaAI8jR_h_JPq-C8SmkhsWwPQ_LrmgyIuXkc10gXrpppDZ0DTB0_nrHXrAb_SJucLppQh3-HavVRx8kwyp1O20D8_RPYposCPImg-_ZqfQm1OCxBCFV8A9opzj7WUYvN5uiliyslWPlsE8VrHdjAOy3aGFBg9MmcCd2R4SQT3NhTP60WvhnzOCx1848/s16000/HEADWAY%202024%20-%20004.png

Domain: www.headwayfx.com
URL: https://www.headwayfx.com/js/cookienotice.js

Domain: measurement-api.criteo.com
URL: https://measurement-api.criteo.com/register-trigger?partner_id=103472&uid=08314798-db90-4890-a6ce-a3b4f1bdaa79&event_name=ViewPage&islcc=0&amount_local=0&amount_euro=0&client_side_event_id=2681945a-97bb-4219-805e-2e2424724751

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-JdVu5ycLHenIdJX-VZ_sgTdFX17uSqSiC_uMPg&google_cm&google_hm=ay1KZFZ1NXljTEhlbklkSlgtVlpfc2dUZEZYMTd1U3FTaUNfdU1QZw

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-sviaSycLHenIdJX-VZ_sgTdFX16Z3-gKxZKDrQ&expires=30

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-XIc65icLHenIdJX-VZ_sgTdFX16t89pkBWzPZQ

Domain: sync-t1.taboola.com
URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-k_KWGycLHenIdJX-VZ_sgTdFX17uB3nR4NafAA

Domain: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-GkaCfCcLHenIdJX-VZ_sgTdFX14bJPyZVUoM8g

Domain: r.casalemedia.com
URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-zwBiXCcLHenIdJX-VZ_sgTdFX16mmpTiFaWzNQ

Domain: dpm.demdex.net
URL: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ULQwIvRYvsn7ydd53bXVv41HTQcbGTzA

Domain: id5-sync.com
URL: https://id5-sync.com/s/966/9.gif?puid=k-DferCCcLHenIdJX-VZ_sgTdFX165-CRGbxkvAg

Domain: ad.360yield.com
URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-5g57aicLHenIdJX-VZ_sgTdFX14PSue6qQxvxQ

Domain: matching.ivitrack.com
URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-Du_3HycLHenIdJX-VZ_sgTdFX17i02ES1iJDxg

Domain: contextual.media.net
URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-RFpDGicLHenIdJX-VZ_sgTdFX14mLV7u12y3Ng

Domain: exchange.mediavine.com
URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-lP6UfScLHenIdJX-VZ_sgTdFX16v7L-V73voUg

Domain: jadserve.postrelease.com
URL: https://jadserve.postrelease.com/suid/1017?vk=k-OqCl5CcLHenIdJX-VZ_sgTdFX140l_XUEz5QbA

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-P7pY2ycLHenIdJX-VZ_sgTdFX17OtcZGKNNPbQ&initiator=partner

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-k5ecEicLHenIdJX-VZ_sgTdFX14YOwtg2FEI5w

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-85MJPCcLHenIdJX-VZ_sgTdFX170JOkVww7E9Q&expires=30

Domain: match.sharethrough.com
URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-zPn49CcLHenIdJX-VZ_sgTdFX163LABqeEKQxA

Domain: criteo-sync.teads.tv
URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-WAm5iycLHenIdJX-VZ_sgTdFX179fBX6pyDaWA

Domain: criteo-partners.tremorhub.com
URL: https://criteo-partners.tremorhub.com/sync?UICR=k-XRChIicLHenIdJX-VZ_sgTdFX15CZXi27jAkWQ

Domain: eb2.3lift.com
URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-p5paiScLHenIdJX-VZ_sgTdFX16-nizxJMimzw&dongle=013b

Domain: ad.yieldlab.net
URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-m4XvMScLHenIdJX-VZ_sgTdFX14J_h1GkLdglw

Domain: sync-criteo.ads.yieldmo.com
URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-7C021CcLHenIdJX-VZ_sgTdFX163mKbNeKORFw&pn_id=criteo&ext=1

Domain: e1.emxdgt.com
URL: https://e1.emxdgt.com/put?d=d53&uid=k-p7YfGicLHenIdJX-VZ_sgTdFX15s_AAHRHur1Q

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync/criteodsp/k-HCLLfScLHenIdJX-VZ_sgTdFX14LNiMrtt3Qgw

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 02:37:56	Name: _GRECAPTCHA Value: 09AD4nbXSktFBqmJ4QWzC_yb-5yU8FOyqo8q2AfeCr1B-gPz6COL7-BOysZXXf9Sh66LcDIsNJPjndXIh1ksUN4-A
.hw.online/	1970-01-20 22:18:44	Name: _ga Value: undefined
www.clarity.ms/	1970-01-21 07:04:20	Name: CLID Value: e99376bd35184ce6834de3bda6717b6b.20240725.20250725
.hw.online/	1970-01-21 00:28:20	Name: _gcl_au Value: 1.1.301155233.1721924509
.doubleclick.net/	1970-01-20 23:01:56	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 07:40:20	Name: IDE Value: AHWqTUk8yqIXoR9Cc4DKLrhGTPdbtRylTUqVUbq9X7F3JWDQQbAqFk27GcPZ0H3bqYA
.doubleclick.net/	1970-01-21 02:37:56	Name: receive-cookie-deprecation Value: 1
.bing.com/	1970-01-21 07:40:20	Name: MUID Value: 0C7F84BC0E13605E16CD907B0F986180
.c.bing.com/	1970-01-20 22:28:49	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:40:20	Name: SRM_B Value: 0C7F84BC0E13605E16CD907B0F986180
.hw.online/	1970-01-21 00:28:20	Name: _fbp Value: fb.1.1721924509210.892433370939811850
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:40:20	Name: MUID Value: 0C7F84BC0E13605E16CD907B0F986180
.c.clarity.ms/	1970-01-20 22:28:49	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:18:45	Name: ANONCHK Value: 0
.hw.online/	1970-01-20 22:20:10	Name: _uetsid Value: fe8d39f04aa111efb6199f2d88a77d28
.hw.online/	1970-01-21 07:40:20	Name: _uetvid Value: fe8d6ec04aa111efa131a955573850f0
.bing.com/	1970-01-21 07:40:20	Name: MSPTC Value: AgXKz7G-Jk_GLHH5PIbt48uyE5iKqkmWJD0Tx6bU_qM

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hw.online/api/user/v1/user Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://hw.online/api/auth/v1/login/refresh Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://hw.online/api/user/v1/user Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ad.360yield.com
ad.doubleclick.net
ad.yieldlab.net
adservice.google.com
ajax.googleapis.com
bat.bing.com
blogger.googleusercontent.com
c.bing.com
c.clarity.ms
carehw.zendesk.com
cdn.pushwoosh.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cp.pushwoosh.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
ekr.zdassets.com
exchange.mediavine.com
fonts.googleapis.com
g.hw.online
googleads.g.doubleclick.net
gum.criteo.com
headway.partners
headway.work
hw.online
i.clarity.ms
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
maxcdn.bootstrapcdn.com
measurement-api.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
simage2.pubmatic.com
sslwidget.criteo.com
static.cloudflareinsights.com
static.zdassets.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
unpkg.com
use.fontawesome.com
visitor.omnitagjs.com
www.blogger.com
www.clarity.ms
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.headwayfx.com
x.bidswitch.net
ad.360yield.com
ad.yieldlab.net
blogger.googleusercontent.com
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
measurement-api.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
simage2.pubmatic.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
visitor.omnitagjs.com
www.headwayfx.com
x.bidswitch.net
104.16.51.111
104.18.10.207
104.18.70.113
104.18.72.113
13.74.129.1
142.250.181.233
142.250.185.162
142.250.185.98
142.250.186.129
157.240.253.1
172.67.132.72
172.67.158.78
178.250.1.9
216.58.212.132
216.58.212.134
2606:4700:20::681a:48d
2606:4700:3036::6815:1b98
2606:4700::6810:4f49
2606:4700::6811:f8cb
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:806::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::2013
2a00:1450:4001:813::2001
2a00:1450:4001:828::2009
2a00:1450:4001:82f::2008
2a00:1450:400c:c1f::54
2a02:2638:3::c
2a02:2638:3::e
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.111.36.66
4.153.72.49
46.4.253.88
95.217.122.4
0c18bcaa99b97a6850450f677b1606bbdcbcd04df34f5a64862f2fbfc35eebe0
15214068da53e58e0c2cb0389d12311b478c679256a033f4353260ef59991c4a
158ab92279405245c18c50a69fe759741669d167fb2fb237b8276c3f1859cc8d
19df4102c07ecfc86052b3ba527e800df1b34fff4b23a7cde8268f6de0729e03
1e8e1435acd23dc07ad95aa482466bfb3781895ba2254c26926a8d482dd9f795
205f1682642cb7796ac7c8fdb2504e344a87bc2fbe593013061f91e08883bf8a
209357c9e4eaf2fa3e5ac83dad257bb19c44329210a5484a57d6d947151a47b9
209ea2b6a8f66a78afd50afee37d0a43e97e104873031a60080405e27632749a
280107840cdac613d9e200f09e553fe690d346e5038629e56fbb2d7cfce3bf94
309396248d4758b65fceea868346c894ba6a296564e50c9d9c881f671d476d7d
356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42
4add3fe371639b40f8491b105b99a35050365ebbc41dac264d11c5ca29434b96
553def3b0a582fd7695ae1b3a0386c26dac19a5a4e3e2c280a92a72c25c642bd
56a261c8dd812b456da58e57314603171f15971a4050bd5041362e7e5ae1b5fc
609b32d117eac8db1c3eaabdebdcd9bcad297c4f17ad55d5ff563d389086a0fd
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
66953ec36df0521f570c15ba683310ed68e95ddb31f41b9db9e4108e2db29423
66ed95778d1c5f871741d5a094443ae3bb2bd5476a8a5a638b18de2f724a17e9
7ae7b081bd8b62c62065dd8e391a33ea0d5cd0a881fb530104eccd77fd4edb82
7e9a7a568120407de68ec39c08bb9a1e6b7df89dd356e26c13056fdf6da3d07e
80a6cd3f4e27387856ab523ff4a8e61d6d247b5da25ceb888f6b726f1c59027b
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8e6b3272816c9b6efeb0b3ccc16326c123d9860f38d7c7c4fc215334559996e2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62
9fbc41c98039b8f79ef0c037616a24d619e6b33f5a833c6f416816d7b493ccad
a7d6ecb604739558e21696b06e5af27ea8e920c7f42572d73ada5b03416bbb9f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ac2909ff9672232dbccc39a6db9f317ad21464c99691a51d1bf5060b0e92a2ed
af02a72246f53ad49c44a591921edbd39ec8258a03d8cc2e0532aa1e497e85b4
ba793c979e72a17191e08d703d21688dce3b80825992e1dd1a096b431bce2191
c92bb04696b85d2652a638c73be66485556a34b4858c9389c8c388e4120d4061
c9af7421e077845c74da7b6680dc98188286382796e4bda60fedfd4a20c15ca7
cbf6b413361336415f0b14b01563d4d7a99491d9f9984ca776685df86cc49179
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
cef20028ec8370c9072c808fe9e50dcaa2bed57da71ef9b52dc843fd3348804e
d16d53e5cb0f10b2c093220abb681d0a8c3ad48ce85001fa97b9761dbf8c4bd8
d9e6ef1db738ef4d3938b0c752b896dbdfe815aba73a5c6cce03081c42b9cc49
da1e908edb415a1e902e01f3ce3186cf2c8819e336dc9f95f2e354978803547d
db1742900a166ba97488a95c78b1b91897ff9f36edd445a06d90bd6856070dd7
dc1826108658cb018ae83e4d4550a2d099c453467c35fb421fabac96d7042074
de2e7cc9322c6ef3e4e5a8e2fc19f9ba1eb306169408bcf047c57af0a86e52f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5477fec983094919bd8a7cec3842691ca6df6d187d5ad64a1731309bc915637
e56bb98cd564a41113f4988a30273101bfbabaf0dd4b6d6c6c38d12ef2c6faad
e5e03665240d525ed4d82dbfe58c0f4535c17d7ab25bf43626270d07bdbf63c7
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5e701ffe1dbd4d645c306c41695dca86e2f4e35d1ea1dbc450990d21f991659
fa1a19a4afe4d73f077b1bf05056e84c1b7fdd8c967a6d1d01a8c1d2b0e3febb
fa5b6b9808e273a0ce5cc642eeb69da7c8cb56c1a35208e5a6a7b58d545992b7
fc464059f964f3869b102601f4c28082824a398d9dc569804ace7c666bbd086d
fe17482480adb672fb81bbca989c04fc98daa45257f780c45073a1da5b060c29
fff28994d2b54d9ec720dfee461b74b75988d530316a673e5b3fc425ef482bd6

hw.online Open in urlscan Pro 2606:4700:20::681a:48d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

69 %HTTPS

47 %IPv6

47 Domains

61 Subdomains

35 IPs

6 Countries

2592 kBTransfer

8582 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hw.online Open in urlscan Pro
2606:4700:20::681a:48d Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

69 %
HTTPS

47 %
IPv6

47
Domains

61
Subdomains

35
IPs

6
Countries

2592 kB
Transfer

8582 kB
Size

18
Cookies

117 HTTP transactions
0 data transactions