52.64.66.132 Open in urlscan Pro
52.64.66.132 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://52.64.66.132/
Submission: On February 16 via manual (February 16th 2022, 5:43:21 am UTC) from AU — Scanned from DE

Summary HTTP 191 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 31 domains to perform 191 HTTP transactions. The main IP is 52.64.66.132, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is 52.64.66.132.

This is the only time 52.64.66.132 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
73	52.64.66.132 52.64.66.132	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	52.217.18.118 52.217.18.118	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3121::f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:802::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
10	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
1	184.30.25.161 184.30.25.161	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700::68... 2606:4700::6813:d983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
15	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2.16.106.58 2.16.106.58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	52.86.94.156 52.86.94.156	14618 (AMAZON-AES) (AMAZON-AES)
1	34.224.182.144 34.224.182.144	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6812:963	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
2	3.217.16.251 3.217.16.251	() ()
191	40

73 52.64.66.132 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com

52.64.66.132	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.18.118 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::f (United States)

ASN13335 (CLOUDFLARENET, US)

spatialsource.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.75.88.126 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:802::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.25.161 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-161.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:d983 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

plugin.mediavoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.133 (United States) 1 redirects

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.106.58 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-106-58.deploy.static.akamaitechnologies.com

embedwistia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7f0304456aec3375c9542cec065ef76f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.94.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-94-156.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.224.182.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-182-144.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:963 (United States)

ASN13335 (CLOUDFLARENET, US)

polarcdn-engine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.217.16.251 (None, )

ASN- ()

fg8vvsvnieiv3ej16jby.litix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googlesyndication.com 7f0304456aec3375c9542cec065ef76f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 120 pagead2.googlesyndication.com — Cisco Umbrella Rank: 92	946 KB
13	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 67 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 pubads.g.doubleclick.net — Cisco Umbrella Rank: 506	144 KB
10	wistia.net fast.wistia.net — Cisco Umbrella Rank: 6469	358 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	400 KB
9	google.com www.google.com — Cisco Umbrella Rank: 2 apis.google.com — Cisco Umbrella Rank: 86 adservice.google.com — Cisco Umbrella Rank: 59	74 KB
7	twitter.com platform.twitter.com — Cisco Umbrella Rank: 591 analytics.twitter.com — Cisco Umbrella Rank: 468 syndication.twitter.com — Cisco Umbrella Rank: 840	151 KB
6	addthis.com 1 redirects s7.addthis.com — Cisco Umbrella Rank: 1324 m.addthis.com — Cisco Umbrella Rank: 1287	218 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	179 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	13 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	197 KB
3	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 747	273 KB
3	akamaihd.net embedwistia-a.akamaihd.net — Cisco Umbrella Rank: 7246	354 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 2951 onesignal.com — Cisco Umbrella Rank: 1314	73 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 250 fonts.googleapis.com — Cisco Umbrella Rank: 35	33 KB
2	litix.io fg8vvsvnieiv3ej16jby.litix.io	172 B
2	polarcdn-engine.com polarcdn-engine.com — Cisco Umbrella Rank: 10972	560 B
2	wistia.com distillery.wistia.com — Cisco Umbrella Rank: 5577 pipedream.wistia.com — Cisco Umbrella Rank: 5795	315 B
2	google.de www.google.de — Cisco Umbrella Rank: 6342 adservice.google.de — Cisco Umbrella Rank: 9027	1 KB
2	t.co 1 redirects t.co — Cisco Umbrella Rank: 456	884 B
2	mediavoice.com 1 redirects plugin.mediavoice.com — Cisco Umbrella Rank: 32515	137 KB
2	googletagmanager.com 1 redirects www.googletagmanager.com — Cisco Umbrella Rank: 50	278 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1518	1 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2042	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2019	21 KB
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 330	1 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 539	6 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2180	889 B
1	spatialsource.com.au spatialsource.com.au	10 KB
1	amazonaws.com s3.amazonaws.com	19 KB
0	intermedia.com.au Failed secure.intermedia.com.au Failed
191	31

	Domain	Requested by
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 52.64.66.132
10	fast.wistia.net	52.64.66.132 fast.wistia.net
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	www.google.com	52.64.66.132 securepubads.g.doubleclick.net www.gstatic.com
5	www.googletagservices.com	52.64.66.132 securepubads.g.doubleclick.net
5	s7.addthis.com	1 redirects 52.64.66.132 s7.addthis.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.facebook.com	52.64.66.132 connect.facebook.net
4	platform.twitter.com	52.64.66.132 platform.twitter.com
4	connect.facebook.net	52.64.66.132 connect.facebook.net
3	static.xx.fbcdn.net	www.facebook.com
3	pagead2.googlesyndication.com	www.googletagservices.com
3	embedwistia-a.akamaihd.net	fast.wistia.net
2	fg8vvsvnieiv3ej16jby.litix.io	fast.wistia.net
2	syndication.twitter.com	platform.twitter.com 52.64.66.132
2	polarcdn-engine.com	plugin.mediavoice.com
2	t.co	1 redirects 52.64.66.132
2	apis.google.com	52.64.66.132 apis.google.com
2	plugin.mediavoice.com	1 redirects 52.64.66.132
2	www.googletagmanager.com	1 redirects 52.64.66.132
2	www.google-analytics.com	52.64.66.132 www.google-analytics.com
2	cdn.onesignal.com	52.64.66.132 cdn.onesignal.com
2	fonts.googleapis.com	52.64.66.132
1	pubads.g.doubleclick.net	plugin.mediavoice.com
1	analytics.twitter.com	static.ads-twitter.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	pipedream.wistia.com	fast.wistia.net
1	distillery.wistia.com	fast.wistia.net
1	onesignal.com	cdn.onesignal.com
1	7f0304456aec3375c9542cec065ef76f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	www.google.de	52.64.66.132
1	stats.g.doubleclick.net	www.google-analytics.com
1	z.moatads.com	s7.addthis.com
1	static.ads-twitter.com	52.64.66.132
1	js.hs-scripts.com	52.64.66.132
1	spatialsource.com.au	52.64.66.132
1	s3.amazonaws.com	52.64.66.132
1	ajax.googleapis.com	52.64.66.132
0	secure.intermedia.com.au Failed	52.64.66.132
191	45

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
directory.spatialsource.com.au
shop.spatialsource.com.au
instagram.com
wordpress.org
www.woothemes.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-25` - `2022-02-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.wistia.com Amazon	`2021-04-01` - `2022-04-30`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.litix.io Amazon	`2021-10-28` - `2022-11-25`	a year	crt.sh

This page contains 14 frames:

Primary Page: http://52.64.66.132/
Frame ID: B2745D29DF45CCA721A43A1609BDBFA0
Requests: 128 HTTP requests in this frame

Frame: http://fast.wistia.net/embed/iframe/82w5qbyf7x?videoFoam=true
Frame ID: 3EB54A7EE226464BE924224C1AE619D4
Requests: 17 HTTP requests in this frame

Frame: https://7f0304456aec3375c9542cec065ef76f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 80AC7A59B3692470CC7344E9134B38CC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8NpWxGzhwo21ptoIJkwgu0nmzDkzxrlgROm2W2MwV1lBj0LAW136fl2tQi7nc72xwDqoxpVNA90tCFUfv-kcy9CI5bF-_lxb6Oey-NijKpbRgfZZDtrbccXRVFVF0dXfk_tnlgsoFYbV9y1vcqq3_szzGzWQ0F39F6yKdUaDN2cFh9Ml4RSqwpAUaULCOap7ELtpNF14bsEmDCt98TEQjhnlQuSA4xM4cAOPr70rwe6jc0A9rx72_B9bBWO347kiVXHiqVW9QXCt4fg_y8rmP2K-7dzB3-QWrMb1-md4&sai=AMfl-YQzkjS-mNt1Kiejpj7d4OtK_8HpVhbF0pobBXWArkecrBgFPB3YRSGPg_hkMb0YnS3wUhfmAVXIxATh0uVgUM3ZLmuAxmDlXT3Mar_tyY5l4mBit675w7a9LZQNgGQ&sig=Cg0ArKJSzHV5PdlJCtaIEAE&uach_m=[UACH]&adurl=
Frame ID: F9B71D7411DBB77262FEC3147CEE7972
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstD7Ru6Tp_T5e34vZ0x9-K-tgGpTemYAa2UetGeNf6hSNVAIdLobpdiGlq6njc9LpS5KnE-yoW2NLPkC9LmcBADeeO1czM7e0Uwzwiymlp7tfTmy9f71uCiSLFDZWKI0ir6RznW3F-oJiugrx0geWt00oet9_WiWOUDl5_NFWvt6G8dewszzNKRNLzsIgboFUu0dju0u-2dq7uvKYeueVMssx0hAfmqd4WOHOkPXS6qYY5v1pAYd6013dKjYD6ahhgC_zckz55BL4sPTTCWgwauEt1NKtPz-tCgFgVOs2XPu0&sai=AMfl-YSAnIMV4Ci6PG8w9nzkZu_DT3OCCTwKad69DdMyETNZ1GUvr0nZFbmIAjVQul0iXWAZWb6KLgSNW-wCyt2v2Hcp_hiWWfiin91v4AxPw_8phOdlHprjBwvcs2HEAIs&sig=Cg0ArKJSzG4pHKJnb7EjEAE&uach_m=[UACH]&adurl=
Frame ID: 17B5000B06B2EA3F20F9E766A8A708C3
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFBDt1QAeQTbq4XzanKg9jI9_-AVUtpqLF0fWHN2FJ0y-pR-dH8pQxFbUGkPZe8kDTbs7EnwyniS05JMXbx2dZ7pNyepYe5EVYCTSo7rMeyZ4Kut7k6ya7NNfOHuid5V6T37X6dTP-K-j34FZQBtWoXxb9aNHsR6oUj4NSf5oCaHfVwV-gRW18NFz9FVv-5hpF2QaohrHsJfO83yVDISpgxE_F1R6KcSfDYiweiXh8Qoh6UR89bZMsCa5XRo-LCJlw9l3qYxsKHRTqKzMm65OLzc_rMjTz98fqsEwFc5bM0q8&sai=AMfl-YQK1BgcNlQwnKWQmlRhpCWVDtlzX5bpgJe0fzE2a5AFGLAa-P2fGEGRKrGmG5EkuA9Do2gdILEhZ-qGPXRb1CCBu3TxhirjehqKjjTd3xXdX-vLbJIgfgIo5GtsgJ0&sig=Cg0ArKJSzCjrqlQZOJFCEAE&uach_m=[UACH]&adurl=
Frame ID: 8260405658384FBCF9CD13D48D17C5B0
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspZMBlSB6LLexAEORZa_pzR4UJ4sEBOk0YzIZD1fnTL7z5ovL3bLdj5EZeOjOyNWGH9fMUZP6zdIQ7k7B_YLaoZc7KrBzRsDyaf1SgYSnG9uZm5thmm4gWrgoXlY4XMpurIqjCBt_2__37HtObxOoAti8BRxE70svavzdMWxkItdZYyvZaE0n2IZyhm4qxbqhfHG9ocG4jk1ohzcrEBzzUm792qqvBcAakdxP-2PQvBsfmsW_wx-ZsNEwIdb4stgaiIRP9l2PdTy1TPlxr7b15OWhoWlqP7WyAlKHb1kT61A&sai=AMfl-YQCi63kkhuuDr5PYRJZ7G41k-kJDHFWZ64nwpzEywn6eL2RkTwMZ32LVhH4vXULigDHpm_W0UAYHZ-cd_jO3NE4eZAplU7XfWm4x28loGBccqd42MciMwo1X6NoWsI&sig=Cg0ArKJSzCJXMgvuTGktEAE&uach_m=[UACH]&adurl=
Frame ID: 03623B86C3071E4A4E338E3B3DBCB331
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F62294AC631DAA7E9404D295ECD0DAC6
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: A09EE53025C003E620C4970BE06310D1
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 0C6FFEC141F84E1CB43A2BE46967ABB0
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=http%3A%2F%2F52.64.66.132
Frame ID: 535E07D254F2E8200DA5B518D7266AEC
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df118722073fdea%26domain%3D52.64.66.132%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252F52.64.66.132%252Ff1ba5da146afbb4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FSpatialSource&layout=button_count&locale=en_GB&sdk=joey&share=false&show_faces=false
Frame ID: A33D39ED35EC261096B472F27085223A
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQt7AUAAAAAAdXsdjH9vvrDYJNKEr5x9Qj4U3m&co=aHR0cDovLzUyLjY0LjY2LjEzMjo4MA..&hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ&theme=light&size=invisible&badge=bottomright&cb=g9wu5gqn3pn5
Frame ID: 1DBD6228DE32D744F43868E4D86AEBF1
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.4e067713e19d4fff483536ddc4df18b9.en.html
Frame ID: 57DAE2E82D8A88BF3A3D4C86CFB12355
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Spatial Source | news on mapping, geospatial, surveying & geo-dataFacebookTwitterLinkedInInstagram

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddThis (Widgets) Expand

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

191
Requests

47 %
HTTPS

67 %
IPv6

31
Domains

45
Subdomains

40
IPs

5
Countries

4659 kB
Transfer

10625 kB
Size

11
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/SpatialSource/

Search URL Search Domain Scan URL

URL: https://twitter.com/spatialsource

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/position-magazine-&-spatial-source-com-au/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/spatialsource/

Search URL Search Domain Scan URL

URL: https://directory.spatialsource.com.au/listing/
Title: Directory

Search URL Search Domain Scan URL

URL: https://shop.spatialsource.com.au/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/SpatialSource
Title: FacebookFollow on Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/follow?source=followbutton&variant=1.0&screen_name=spatialsource
Title: TwitterFollow on Twitter

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/position-magazine-&-spatial-source-com-au
Title: LinkedInFollow on LinkedIn

Search URL Search Domain Scan URL

URL: http://instagram.com/spatialsource
Title: InstagramFollow on Instagram

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: http://www.woothemes.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 69

http://www.googletagmanager.com/gtm.js?id=GTM-TD47HF HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-TD47HF

Request Chain 95

http://plugin.mediavoice.com/plugin.js HTTP 301
https://plugin.mediavoice.com/plugin.js

Request Chain 96

http://connect.facebook.net/en_GB/all.js HTTP 307
https://connect.facebook.net/en_GB/all.js

Request Chain 99

http://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=573f5d00-969d-4f03-8972-df15546487ae&tw_document_href=http%3A%2F%2F52.64.66.132%2F HTTP 301
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=573f5d00-969d-4f03-8972-df15546487ae&tw_document_href=http%3A%2F%2F52.64.66.132%2F

191 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
52.64.66.132/ 90 KB
22 KB 735ms
459ms Document
text/html 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d / PHP/7.4.22
Resource Hash: 94e1b51c33a46b84d7192a0dda8690d012be7035d597a34b5895c2dbd2c9301a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 16 Feb 2022 05:43:11 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
X-Powered-By: PHP/7.4.22
Link: <http://52.64.66.132/wp-json/>; rel="https://api.w.org/", <http://52.64.66.132/wp-json/wp/v2/pages/156>; rel="alternate"; type="application/json", <http://52.64.66.132/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21912
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style.css
52.64.66.132/wp-content/themes/spatial/ 28 KB
7 KB 273ms
273ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/spatial/style.css
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 33ad5ffb15103ef1684794ae8ee322bc15cf2f7a9f837de79c90b461161ef558

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Oct 2019 05:58:35 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "6f0d-593fb46a758c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6762

GET
H/1.1 200
OK ai1ec_parsed_css.css
52.64.66.132/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/css/ 261 KB
76 KB 533ms
277ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/css/ai1ec_parsed_css.css?ver=2.6.8
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 1f8e22239135a453a36a74b154a42d357ba2bca8f77c0ae80f94998e6fca800d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Mar 2021 02:50:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "413b6-5bd119ddaa900-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK layout.css
52.64.66.132/wp-content/themes/canvas/css/ 9 KB
3 KB 537ms
268ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/css/layout.css?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 7e0eeb766cafb16415d9a67beffc717f4e7045982d40f47cdcfa706b92dc27f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 05:45:06 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "231b-5318507461c80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2266

GET
H/1.1 200
OK style.min.css
52.64.66.132/wp-includes/css/dist/block-library/ 79 KB
11 KB 542ms
271ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "13abe-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10523

GET
H/1.1 200
OK mediaelementplayer-legacy.min.css
52.64.66.132/wp-includes/js/mediaelement/ 11 KB
3 KB 544ms
273ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "2bf8-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2592

GET
H/1.1 200
OK wp-mediaelement.min.css
52.64.66.132/wp-includes/js/mediaelement/ 4 KB
1 KB 545ms
272ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "105a-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1156

GET
H/1.1 200
OK admin-bar.css
52.64.66.132/wp-content/plugins/anti-spam/assets/css/ 1 KB
834 B 545ms
272ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/anti-spam/assets/css/admin-bar.css?ver=7.2.7
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: bd9e1f6390136b9c83e656c6434f5007b910f584a7df35527fcdb1e883991282

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:11:45 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "563-5c9e1bfb9c240-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 486

GET
H/1.1 200
OK intermedia-hubspot-newsletters-public.css
52.64.66.132/wp-content/plugins/intermedia-hubspot-newsletters/public/css/ 98 B
453 B 805ms
269ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/intermedia-hubspot-newsletters/public/css/intermedia-hubspot-newsletters-public.css?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 02:07:26 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "62-5cbd6ed2ad380-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 106

GET
H/1.1 200
OK intermedia-sponsored-content-public.css
52.64.66.132/wp-content/plugins/intermedia-sponsored-content/public/css/ 98 B
453 B 812ms
270ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/intermedia-sponsored-content/public/css/intermedia-sponsored-content-public.css?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 01:40:54 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "62-5cd186bca6339-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 106

GET
H/1.1 200
OK bootstrap.min.css
52.64.66.132/wp-content/themes/canvas/css/ 119 KB
20 KB 819ms
275ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/css/bootstrap.min.css?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: c0b04ef697d6cff323e1711e53ace560b8da3f545489e5a6512a194ecf11de39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 05:45:06 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "1dda8-5318507461c80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20137

GET
H/1.1 200
OK style.css
52.64.66.132/wp-content/themes/canvas/ 57 KB
12 KB 821ms
276ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/style.css?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 052fe48add4e67ecd7d654fae1461c62d4013d0c5675b2489b4f49f524987175

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2017 23:18:20 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "e24e-547f8f6b3e700-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12055

GET
H/1.1 200
OK /
52.64.66.132/ 6 KB
2 KB 927ms
382ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/?woo-css=load&ver=5.0.7
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d / PHP/7.4.22
Resource Hash: 92b201fc6b011771c26fa0aa3640fea583ef91950ebe3e037f409d0d30d6f2e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Content-Encoding: gzip
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
X-Powered-By: PHP/7.4.22
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 1276

GET
H/1.1 200
OK jetpack.css
52.64.66.132/wp-content/plugins/jetpack/css/ 85 KB
17 KB 1078ms
272ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/jetpack/css/jetpack.css?ver=10.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 5aa600aea047cb99c7e2c22e7edaf89f0539a6772a21981636e21da89bed440a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 00:49:01 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "15369-5cd17b2371e38-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 17058

GET
H/1.1 200
OK generator.php
52.64.66.132/wp-content/themes/canvas/css/ 98 B
412 B 1085ms
276ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/css/generator.php?layout_width=1000&ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d / PHP/7.4.22
Resource Hash: 833599771226019fe97b2000ba61fbca1fa9fcaa84ca7f00273cc3afb6052d56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Content-Encoding: gzip
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
X-Powered-By: PHP/7.4.22
Vary: Accept-Encoding
Content-Type: text/css; charset: UTF-8;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 108

GET
H/1.1 200
OK /
52.64.66.132/ 46 B
353 B 1213ms
401ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/?woo-layout-css=load&ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d / PHP/7.4.22
Resource Hash: bdfcdc59347ec3b9e38269a6a5938230d37da622d469c82142d23b6c0e422f17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Content-Encoding: gzip
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
X-Powered-By: PHP/7.4.22
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 66

GET
H/1.1 200
OK jquery.min.js Show response
52.64.66.132/wp-includes/js/jquery/ 87 KB
31 KB 1365ms
280ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "15db1-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 30908

GET
H/1.1 200
OK jquery-migrate.min.js Show response
52.64.66.132/wp-includes/js/jquery/ 11 KB
4 KB 1362ms
272ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "2bd8-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4169

GET
H/1.1 200
OK intermedia-hubspot-newsletters-public.js Show response
52.64.66.132/wp-content/plugins/intermedia-hubspot-newsletters/public/js/ 838 B
841 B 1366ms
272ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/intermedia-hubspot-newsletters/public/js/intermedia-hubspot-newsletters-public.js?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 02:07:26 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "346-5cbd6ed2ad380-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 479

GET
H/1.1 200
OK intermedia-sponsored-content-public.js Show response
52.64.66.132/wp-content/plugins/intermedia-sponsored-content/public/js/ 838 B
841 B 1472ms
272ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/intermedia-sponsored-content/public/js/intermedia-sponsored-content-public.js?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 01:40:54 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "346-5cd186bca6339-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 479

GET
H/1.1 200
OK gtm4wp-form-move-tracker.js Show response
52.64.66.132/wp-content/plugins/duracelltomi-google-tag-manager/js/ 2 KB
702 B 1483ms
270ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: dfbdff6c9f2de2d75edb5ae49d26a9c0af81801b17de08739e32b738ef23058e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:19 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "600-5c9e1b705f9c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 340

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
30 KB 135ms
39ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js?ver=5.8.3

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 19:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Feb 2023 19:04:50 GMT

GET
H/1.1 200
OK modernizr.min.js Show response
52.64.66.132/wp-content/themes/spatial/js/ 11 KB
5 KB 1614ms
269ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/spatial/js/modernizr.min.js?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "2b4c-53180b877ff00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4511

GET
H/1.1 200
OK bootstrap.min.js Show response
52.64.66.132/wp-content/themes/spatial/js/ 36 KB
10 KB 1636ms
273ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/spatial/js/bootstrap.min.js?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "900a-53180b877ff00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 9773

GET
H/1.1 200
OK jquery.waypoints.min.js Show response
52.64.66.132/wp-content/themes/spatial/js/ 9 KB
3 KB 1641ms
276ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/spatial/js/jquery.waypoints.min.js?ver=3.3.6
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: ac108f232842ce42ad096c3dd90819156e79dfffe99ecdc4c7a80f89ba30a1c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "2287-53180b877ff00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2707

GET
H/1.1 200
OK sticky.min.js Show response
52.64.66.132/wp-content/themes/spatial/js/shortcuts/ 1 KB
946 B 1638ms
272ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/spatial/js/shortcuts/sticky.min.js?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: e0d03795322f25d9d95d750676205ce90d8fdfcb245ab762b9130ba61e981545

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "4e1-53180b877ff00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 584

GET
H/1.1 200
OK readmore.min.js Show response
52.64.66.132/wp-content/themes/spatial/js/ 4 KB
2 KB 1745ms
273ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/spatial/js/readmore.min.js?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: c5602b2e83fb2fd5abdeca2e5d21986046ab1b399eb6a2195708ef329f7a5e7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "fd3-53180b877ff00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1717

GET
H/1.1 200
OK script.js Show response
52.64.66.132/wp-content/themes/spatial/js/ 3 KB
2 KB 1752ms
270ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/spatial/js/script.js?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 9d6b6fea30b0f68f0f39d25725a1efa8bd79be21b8c36c6f4e3bf9aae58045f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Oct 2019 05:08:48 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "cc5-593fa949d5800-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1208

GET
H/1.1 200
OK third-party.js Show response
52.64.66.132/wp-content/themes/canvas/includes/js/ 4 KB
2 KB 1883ms
269ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/includes/js/third-party.js?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 36ac65354f43479b9ecd2d7a7bdd749962c083d5a5b3366fedd832cd31476762

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 05:45:08 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "1128-531850764a100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1598

GET
H/1.1 200
OK jquery.flexslider.min.js Show response
52.64.66.132/wp-content/themes/canvas/includes/js/ 16 KB
5 KB 1908ms
272ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/includes/js/jquery.flexslider.min.js?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 6e8340e550796c39ef28a317ec8095399bbf5b24f418f01861af924598d0a3eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 05:45:08 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "401d-531850764a100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5110

GET
H/1.1 200
OK general.js Show response
52.64.66.132/wp-content/themes/canvas/includes/js/ 2 KB
1 KB 1911ms
273ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/includes/js/general.js?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 0fc29f186f4d182e930c9fafd0efcf208fe861eb87e42c0d9318981cddbb5028

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 05:45:08 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "8fc-531850764a100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 883

GET
H/1.1 200
OK css
fonts.googleapis.com/ 7 KB
1 KB 85ms
45ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Merriweather%3A300%2C%3A300italic%2C%3Aregular%2C%3Aitalic%2C%3A700%2C%3A700italic%2C%3A900%2C%3A900italic%7CSource+Sans+Pro%3A200%2C%3A200italic%2C%3A300%2C%3A300italic%2C%3Aregular%2C%3Aitalic%2C%3A600%2C%3A600italic%2C%3A700%2C%3A700italic%2C%3A900%2C%3A900italic

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cca5139c7cc0b9fa74a9989a62701e0bdf7c5cc6167abde3df2bddc1091282d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Wed, 16 Feb 2022 05:43:11 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 16 Feb 2022 05:43:11 GMT

GET
H/1.1 200
OK nwmatcher-1.2.5-min.js Show response
s3.amazonaws.com/nwapi/nwmatcher/ 19 KB
19 KB 222ms
116ms Script
application/x-javascript 52.217.18.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://s3.amazonaws.com/nwapi/nwmatcher/nwmatcher-1.2.5-min.js
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.217.18.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 70a73d0e82d5aa2418bbe189542f7b563c284fa57dafecd35c2bd5e7548ce242

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Last-Modified: Tue, 17 Jan 2012 12:17:47 GMT
Server: AmazonS3
x-amz-request-id: 5SETDMPQH1VGBQAZ
ETag: "9dc544da48fbab6a88aa739222fcd42a"
Content-Type: application/x-javascript
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 19000
x-amz-id-2: bzHF7KeVeobaZa9LTdJfHMQDcvuVCeOG+r8yElMI6OXR/J4/Bt55pC8PujvhmGFxT3j4LcQYDiY=

GET
H/1.1 200
OK shortcodes.css
52.64.66.132/wp-content/themes/canvas/functions/css/ 28 KB
5 KB 1091ms
273ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/functions/css/shortcodes.css
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: a02469f98260ae27494bb54f1519db7cdad053185c7cc9470af9245cff33c7e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 05:45:06 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "70de-5318507461c80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4865

GET
H/1.1 200
OK custom.css
52.64.66.132/wp-content/themes/canvas/ 6 KB
2 KB 1197ms
272ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/custom.css
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 15d090d3fe70263d81d9c491979be73b77bca882155b356f41b0046cbef0cba7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Sep 2016 00:55:36 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "16cb-53bf47cd5d200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1496

GET
H/1.1 200
OK facebook.svg
52.64.66.132/wp-content/themes/spatial/images/social/ 1 KB
2 KB 531ms
268ms Image
image/svg+xml 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/spatial/images/social/facebook.svg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 0d0032e9daffaeccf9f8f91bc5b50e68a157a0ce26131d66569753efbe25af87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "5be-53180b877ff00"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1470

GET
H/1.1 200
OK twitter.svg
52.64.66.132/wp-content/themes/spatial/images/social/ 3 KB
3 KB 530ms
272ms Image
image/svg+xml 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/spatial/images/social/twitter.svg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 930673d4eca4c328b17f1fc024fd88d9d903d2f0dce30e51fdfa1caf038911ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "b7f-53180b877ff00"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2943

GET
H/1.1 200
OK linkedin.svg
52.64.66.132/wp-content/themes/spatial/images/social/ 2 KB
3 KB 516ms
272ms Image
image/svg+xml 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/spatial/images/social/linkedin.svg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: a02efbfef7340d1cd808b598166a53e8d82c492c81ef030ad0766efa5a7424c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "92f-53180b877ff00"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2351

GET
H/1.1 200
OK instagram.svg
52.64.66.132/wp-content/themes/spatial/images/social/ 1 KB
2 KB 511ms
270ms Image
image/svg+xml 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/spatial/images/social/instagram.svg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 34b11c1a6f40ca8a5f6acaedfc51f073bfaf3728069cc926db46f379cf236cf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Last-Modified: Fri, 03 Mar 2017 04:30:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "593-549cc02484500"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1427

GET
H/1.1 200
OK ico-search.png
52.64.66.132/wp-content/themes/canvas/images/ 366 B
663 B 516ms
272ms Image
image/png 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/canvas/images/ico-search.png
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 56390f0d43e4e647f5e912867ffce3db8f51c4c49b07fa3b14ed5bd9c0df4eb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Last-Modified: Thu, 28 Apr 2016 05:45:06 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "16e-5318507461c80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 366

GET
H2 200 logo-footer.png
spatialsource.com.au/wp-content/themes/spatial/images/social/ 9 KB
10 KB 909ms
821ms Image
image/png 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spatialsource.com.au/wp-content/themes/spatial/images/social/logo-footer.png

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af82ae972fd005cfb3fc6b58f8c7b58bdcb10fba9d6d4eedb54a72b4318ec798

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:14 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9240
last-modified: Thu, 28 Apr 2016 00:36:44 GMT
server: cloudflare
etag: "2418-53180b877ff00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jn6F8UM0kuMLSZIuiim%2B6N1fSb33dOxCc6QHpq0Jlf9zKqdDJw%2FsQrXEE7t50MExoZfPz6HzK%2FEimhhGKQ7fjnzQBLTf7LKdx0xiQ3mj7M5c6yBnxdKtdEPuwCrWVP%2FcjMfGX8Yu9ebJ4r8PHGoCrh3zNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6de47505efc271d5-LHR

GET position_cover.jpg
secure.intermedia.com.au/images/mags/ 0
0

GET
H/1.1 200
OK clock.svg
52.64.66.132/wp-content/themes/spatial/images/ 2 KB
2 KB 773ms
272ms Image
image/svg+xml 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/spatial/images/clock.svg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 9bc1bd6d547a9e18f479347294d739b0280d672c54bf580cde0ff02cb1e491df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "7c3-53180b877ff00"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1987

GET
H/1.1 200
OK location.png
52.64.66.132/wp-content/themes/spatial/images/ 307 B
604 B 270ms
270ms Image
image/png 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/spatial/images/location.png
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 713c712e418fbf59710b19e918c86dfa324e2f44366f093f28aadd9174a70cb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "133-53180b877ff00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 307

GET
H/1.1 200
OK logo-footer.png
52.64.66.132/wp-content/themes/spatial/images/social/ 9 KB
9 KB 272ms
272ms Image
image/png 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/spatial/images/social/logo-footer.png
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: af82ae972fd005cfb3fc6b58f8c7b58bdcb10fba9d6d4eedb54a72b4318ec798

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "2418-53180b877ff00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 9240

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

32ms
12ms

Script
application/javascript

104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 16 Feb 2022 05:43:13 GMT
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H/1.1 200
OK woothemes.png
52.64.66.132/wp-content/themes/canvas/images/ 2 KB
3 KB 273ms
272ms Image
image/png 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/canvas/images/woothemes.png
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 09e4811e5651b57616d379f099d2b11d1947ca1adda5a5d962d6e1dd2878fc29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Last-Modified: Thu, 28 Apr 2016 05:45:06 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "967-5318507461c80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 2407

GET
H/1.1 200
OK formreset.min.css
52.64.66.132/wp-content/plugins/gravityforms/legacy/css/ 4 KB
750 B 273ms
273ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.5.9
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "f14-5c9e1b8837200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 402

GET
H/1.1 200
OK formsmain.min.css
52.64.66.132/wp-content/plugins/gravityforms/legacy/css/ 78 KB
12 KB 274ms
274ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.5.9
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 57105f0d09b065648031b4127971f8e91e9d8c40e8a25362c36adcc2ca6000d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "139e5-5c9e1b8837200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 12277

GET
H/1.1 200
OK readyclass.min.css
52.64.66.132/wp-content/plugins/gravityforms/legacy/css/ 30 KB
4 KB 270ms
269ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.5.9
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 7536f0df059eb4232aeb10fa05bd89b6da621240062499542da570d39fb833ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "781d-5c9e1b8837200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3451

GET
H/1.1 200
OK browsers.min.css
52.64.66.132/wp-content/plugins/gravityforms/legacy/css/ 8 KB
1 KB 271ms
270ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.5.9
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "20d7-5c9e1b8837200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1173

GET
H2 200 8838799.js Show response
js.hs-scripts.com/ 964 B
889 B 176ms
132ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/8838799.js?integration=WordPress
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8cda5b0dd817aef8d6ef171e9e57243534db4181a4a133b23141b881c1eeb29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 25f4c049-6ed9-4053-b22e-24558628c826
last-modified: Wed, 16 Feb 2022 05:05:25 GMT
server: cloudflare
x-trace: 2BC49A7DC2DE1FB0339555A45136F08336C97B9578000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: http://52.64.66.132
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6de475059c160225-ZRH
expires: Wed, 16 Feb 2022 05:44:13 GMT

GET
H/1.1 200
OK feedback.js Show response
52.64.66.132/wp-content/themes/canvas/includes/js/ 2 KB
846 B 273ms
272ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/includes/js/feedback.js?ver=5.0.7
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 2205a2bfd1c02581de2e764c8b5a918767fec2624e4956b62934c60f43561400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 05:45:08 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "62a-531850764a100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 484

GET
H/1.1 200
OK wp-embed.min.js Show response
52.64.66.132/wp-includes/js/ 1 KB
1 KB 277ms
276ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "592-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 765

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 47ms
20ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:13 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3171
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6de47505aecd0219-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 19 Feb 2022 05:43:13 GMT

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
52.64.66.132/wp-includes/js/dist/vendor/ 6 KB
3 KB 752ms
273ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "1906-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 2398

GET
H/1.1 200
OK wp-polyfill.min.js Show response
52.64.66.132/wp-includes/js/dist/vendor/ 16 KB
6 KB 278ms
278ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "4056-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 6031

GET
H/1.1 200
OK dom-ready.min.js Show response
52.64.66.132/wp-includes/js/dist/ 1 KB
966 B 271ms
271ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/dist/dom-ready.min.js?ver=71883072590656bf22c74c7b887df3dd
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "4e9-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 604

GET
H/1.1 200
OK hooks.min.js Show response
52.64.66.132/wp-includes/js/dist/ 5 KB
2 KB 272ms
272ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "1540-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 1790

GET
H/1.1 200
OK i18n.min.js Show response
52.64.66.132/wp-includes/js/dist/ 10 KB
4 KB 276ms
276ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "268a-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 3858

GET
H/1.1 200
OK a11y.min.js Show response
52.64.66.132/wp-includes/js/dist/ 3 KB
1 KB 269ms
269ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/dist/a11y.min.js?ver=0ac8327cc1c40dcfdf29716affd7ac63
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "bc1-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 1156

GET
H/1.1 200
OK jquery.json.min.js Show response
52.64.66.132/wp-content/plugins/gravityforms/js/ 2 KB
1 KB 272ms
272ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.5.9
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "738-5c9e1b8837200-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 926

GET
H/1.1 200
OK gravityforms.min.js Show response
52.64.66.132/wp-content/plugins/gravityforms/js/ 43 KB
13 KB 277ms
277ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.5.9
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: fec6316e6e45e87432cfa9e4ba33f024e8f33d3de07586aa3d1853d9873824fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "aba9-5c9e1b8837200-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 13137

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
967 B 131ms
47ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&ver=5.8.3

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b91e5e282c5300f0d438e04b1c62a63eb407db0c8ea990a4aea1272f186e31ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Wed, 16 Feb 2022 05:43:13 GMT

GET
H/1.1 200
OK placeholders.jquery.min.js Show response
52.64.66.132/wp-content/plugins/gravityforms/js/ 5 KB
2 KB 269ms
269ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.5.9
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "121f-5c9e1b8837200-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 1750

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 133ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,600,700,900

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/wp-content/themes/spatial/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79ed7ce5aa05b86669819fef0a8aef590009730b5638680c71148402ddf343d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 05:43:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Feb 2022 05:43:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Feb 2022 05:43:11 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
52.64.66.132/wp-includes/js/ 18 KB
5 KB 271ms
271ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "4705-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 4930

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
27 KB 110ms
47ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17f6971abbe1ba91fe81ce706435a53b3690d20c3309457c72c59dbb823490d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1133 / 559 of 1000 / last-modified: 1644966531"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 27327
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Wed, 16 Feb 2022 05:43:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 47ms
14ms Script
text/javascript 2a00:1450:400e:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5257
date: Wed, 16 Feb 2022 04:15:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 16 Feb 2022 06:15:36 GMT

GET
H/1.1 200
OK uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 23ms
6ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://static.ads-twitter.com/uwt.js
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Feb 2022 00:44:37 GMT
Etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
Vary: Accept-Encoding,Host
x-tw-cdn: FT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
X-Cache: HIT, HIT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 5410
X-Served-By: cache-iad-kiad7000072-IAD, cache-hhn11569-HHN

GET
H2

404

gtm.js
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-TD47HF
https://www.googletagmanager.com/gtm.js?id=GTM-TD47HF

0
0

138ms
56ms

Script
text/html

2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD47HF
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: H2
Server: 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-TD47HF
Date: Wed, 16 Feb 2022 05:43:13 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: 2NUHQ/Z781l4ooOoI8f+xQMZFYVJDGFXqeEjTL7egLWV7gfEaSbd8wgqYHmJfohrFgjofgec6wHeIoe5YMUEkQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 16 Feb 2022 05:43:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v28/ 20 KB
20 KB 76ms
39ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Merriweather%3A300%2C%3A300italic%2C%3Aregular%2C%3Aitalic%2C%3A700%2C%3A700italic%2C%3A900%2C%3A900italic%7CSource+Sans+Pro%3A200%2C%3A200italic%2C%3A300%2C%3A300italic%2C%3Aregular%2C%3Aitalic%2C%3A600%2C%3A600italic%2C%3A700%2C%3A700italic%2C%3A900%2C%3A900italic

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://52.64.66.132
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 06:46:29 GMT
X-Content-Type-Options: nosniff
Age: 514604
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 20028
X-XSS-Protection: 0
Last-Modified: Wed, 15 Dec 2021 02:22:44 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Fri, 10 Feb 2023 06:46:29 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 122ms
37ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://52.64.66.132
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:06:47 GMT
x-content-type-options: nosniff
age: 56186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13008
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 14:06:47 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 14ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6776) /
Resource Hash: 1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Age: 720
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29179
x-tw-cdn: VZ
Last-Modified: Tue, 01 Feb 2022 20:03:56 GMT
Server: ECS (frb/6776)
Etag: "94840c3a0697481258cd2b28513e7509+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 123ms
46ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://52.64.66.132
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 21:39:33 GMT
x-content-type-options: nosniff
age: 115420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13072
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:17:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 14 Feb 2023 21:39:33 GMT

GET
H/1.1 200
OK u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
20 KB 78ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://52.64.66.132
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 14:22:50 GMT
X-Content-Type-Options: nosniff
Age: 487223
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 19752
X-XSS-Protection: 0
Last-Modified: Wed, 15 Dec 2021 02:23:11 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Fri, 10 Feb 2023 14:22:50 GMT

GET
H/1.1 200
OK 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
14 KB 76ms
37ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://52.64.66.132
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 07:51:17 GMT
X-Content-Type-Options: nosniff
Age: 78716
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 13080
X-XSS-Protection: 0
Last-Modified: Wed, 10 Nov 2021 18:10:26 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Wed, 15 Feb 2023 07:51:17 GMT

GET
H/1.1 200
OK AdobeStock_327422234_web-624x345.jpg
52.64.66.132/wp-content/uploads/2022/02/ 34 KB
34 KB 508ms
276ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/AdobeStock_327422234_web-624x345.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: eb250cfc5e616deb0c18dd4e306c0566210a471264cf5afa9cf1f2b13456e37c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Last-Modified: Wed, 16 Feb 2022 04:10:17 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "86b8-5d81ad3cd7604"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 34488

GET
H/1.1 200
OK Eos-Bridge-Feature-Image-01-175x140.jpg
52.64.66.132/wp-content/uploads/2022/02/ 15 KB
16 KB 773ms
272ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/Eos-Bridge-Feature-Image-01-175x140.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 88f3468f28f8e083401ffd9987fa9ab1b895f5833a68fcb947766e614f0846bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Last-Modified: Tue, 01 Feb 2022 21:52:49 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "3d2c-5d6fbec0eff4b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 15660

GET
H/1.1 200
OK PIC1_HERO-IMAGE_Port-of-San-Fran-Cover_web-175x140.jpg
52.64.66.132/wp-content/uploads/2022/02/ 6 KB
6 KB 763ms
269ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/PIC1_HERO-IMAGE_Port-of-San-Fran-Cover_web-175x140.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 6d04ac669715cb372b2713f29164a79884cd89f884cf70a309fcf43270aeb1c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Last-Modified: Mon, 31 Jan 2022 21:07:55 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "1793-5d6e72da36b1b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 6035

GET
H/1.1 200
OK Front-image-175x140.jpg
52.64.66.132/wp-content/uploads/2021/10/ 9 KB
9 KB 766ms
272ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2021/10/Front-image-175x140.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 9eece2a2b1198f6a3eee980b1599f892271511cbc48115bc551bd3a0a76af1ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Last-Modified: Tue, 19 Oct 2021 00:00:36 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "233d-5cea959df20a7"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 9021

GET
H/1.1 200
OK Airport-infrastructure-image_web-175x140.jpg
52.64.66.132/wp-content/uploads/2022/02/ 8 KB
8 KB 766ms
270ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/Airport-infrastructure-image_web-175x140.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: b1167acda910481187c3e4493572f5fb91ca19452d57b8e14b43d4829783e430

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Last-Modified: Mon, 31 Jan 2022 20:49:23 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "1e5e-5d6e6eb5daea9"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 7774

GET
H/1.1 200
OK NZ_APSEA_web-607x335.jpg
52.64.66.132/wp-content/uploads/2022/02/ 55 KB
55 KB 1016ms
270ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/NZ_APSEA_web-607x335.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: fddcc8a5376dc1f36143b29e3a5197aea500ab25a147db30d1f3a84b89771210

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Last-Modified: Tue, 15 Feb 2022 00:29:02 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "dbfc-5d8039eac9cd9"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 56316

GET
H/1.1 200
OK vcspace-cohort4_web-488x335.jpg
52.64.66.132/wp-content/uploads/2022/02/ 29 KB
30 KB 1012ms
268ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/vcspace-cohort4_web-488x335.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 3a3125e33b9bd595230b069b7b368a1b7a0f56d649d85452e079cf9cdb79d90d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Last-Modified: Sun, 13 Feb 2022 22:53:56 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "754c-5d7ee2cb87930"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 30028

GET
H/1.1 200
OK Screen-Shot-2020-06-05-at-3_13_26-pm-488x335.jpg
52.64.66.132/wp-content/uploads/2022/02/ 30 KB
31 KB 1018ms
272ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/Screen-Shot-2020-06-05-at-3_13_26-pm-488x335.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 838087eb2cafe5b3c914a0358f82342e58ad8abb2349075daee0dfcaa7cfa428

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Last-Modified: Sun, 13 Feb 2022 22:28:00 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "79e8-5d7edd0018fcb"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 31208

GET
H/1.1 200
OK Picture-1536x1152_web-459x335.jpg
52.64.66.132/wp-content/uploads/2022/02/ 58 KB
59 KB 763ms
276ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/Picture-1536x1152_web-459x335.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 11bae33b1f22cde46c9a82cd85e72a12d186cae487d8a6ddcccf6b8b016fde43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Last-Modified: Fri, 11 Feb 2022 01:05:42 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "e969-5d7b3aa78d362"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 59753

GET
H/1.1 200
OK AdobeStock_171921055_web-507x335.jpg
52.64.66.132/wp-content/uploads/2022/02/ 87 KB
87 KB 1023ms
272ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/AdobeStock_171921055_web-507x335.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 2782292c875f9ccb3854bfa56eb6379bd1edac9671653943e452220222ed6cf4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Last-Modified: Fri, 11 Feb 2022 00:44:59 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "15b69-5d7b3606642c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 88937

GET
H/1.1 200
OK L9SanFrancisco_web-484x335.jpg
52.64.66.132/wp-content/uploads/2022/02/ 63 KB
63 KB 272ms
272ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/L9SanFrancisco_web-484x335.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 905990fa43618a70311984ab81c75e95018f442b04c64322e7638c84e8132db2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:15 GMT
Last-Modified: Wed, 09 Feb 2022 00:24:24 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "fc80-5d78adb0e3320"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 64640

GET
H/1.1 200
OK 82w5qbyf7x Show response
fast.wistia.net/embed/iframe/ Frame 3EB5 7 KB
4 KB 120ms
100ms Document
text/html 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.net/embed/iframe/82w5qbyf7x?videoFoam=true

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

HTTP/1.1

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c7cc03580e0d3d806749e938dcdaa62202b065f40496633cd4ec936de71dadc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/

Response headers

Access-Control-Allow-Origin: *
Cache-Control: public, no-cache
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
ETag: W/"c7cc03580e0d3d806749e938dcdaa622"
P3P: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
Referrer-Policy: strict-origin-when-cross-origin
Timing-Allow-Origin: *
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 05ed761e167540a30c12783ff21d7e79
X-Runtime: 0.072471
Content-Length: 2634
Accept-Ranges: bytes
Date: Wed, 16 Feb 2022 05:43:13 GMT
Age: 57799
Connection: keep-alive
X-Served-By: cache-iad-kcgs7200078-IAD, cache-hhn4050-HHN
X-Cache: HIT, MISS
X-Cache-Hits: 1, 0
X-Timer: S1644990194.559755,VS0,VE93
Vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: chrome
X-Browser-Version: 98

GET
H/1.1 200
OK PittHill_web1-483x335.jpg
52.64.66.132/wp-content/uploads/2022/02/ 35 KB
36 KB 274ms
273ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/PittHill_web1-483x335.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 22c3b417cf540ecd539525d7ae51280c5beaa71b4038476df2a1178780f5df8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:15 GMT
Last-Modified: Wed, 09 Feb 2022 00:11:37 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "8ddf-5d78aad5585c6"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 36319

GET
H/1.1 200
OK AdobeStock_110738618_web-625x345.jpg
52.64.66.132/wp-content/uploads/2022/01/ 71 KB
71 KB 274ms
273ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/01/AdobeStock_110738618_web-625x345.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: a58531f5fd4a744d7702a4a1c5dd59979d4cb0aebd8317640b043c20f8b6223a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:15 GMT
Last-Modified: Tue, 11 Jan 2022 22:51:53 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "11ac9-5d5564ca65a6b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 72393

GET
H/1.1 200
OK PIC1-GNSS-ground-station-on-Lord-Howe-Island_web-625x345.jpg
52.64.66.132/wp-content/uploads/2021/08/ 70 KB
70 KB 276ms
276ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2021/08/PIC1-GNSS-ground-station-on-Lord-Howe-Island_web-625x345.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 5ff4962ee39729b67a1188a13413ba592690639b77d399bf29ed1382cddbdbc5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:15 GMT
Last-Modified: Mon, 16 Aug 2021 02:13:58 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "1186f-5c9a3c0f9c580"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 71791

GET
H/1.1 200
OK R.Kennedy-Profile_web-625x345.jpg
52.64.66.132/wp-content/uploads/2022/01/ 21 KB
21 KB 269ms
269ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/01/R.Kennedy-Profile_web-625x345.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 55bc46c3a7635e5915349bd3d60c5438ad75d9c0c5de400d3d69c5c06054ced7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:15 GMT
Last-Modified: Tue, 11 Jan 2022 22:44:31 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "53e7-5d556324d0a15"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 21479

GET
H/1.1 200
OK Shadow-castings-shown-on-SLA-OneMap3D_web-625x345.jpg
52.64.66.132/wp-content/uploads/2022/01/ 79 KB
79 KB 270ms
270ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/01/Shadow-castings-shown-on-SLA-OneMap3D_web-625x345.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: d5609949d7d97a04798d2e6d45cf6646ea0ff326c8bf3c76ede6b8f9ad27c780

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:15 GMT
Last-Modified: Wed, 19 Jan 2022 00:12:06 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "13ae3-5d5e43c6d62a5"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 80611

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 42ms
14ms Script
application/x-javascript 184.30.25.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:13 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 2826BFFDB82F2FB4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=54791
accept-ranges: bytes
content-length: 948
x-amz-id-2: IybdIbM8HZHFGeFfQHkL1xn6LjBypc4s9MoqJ602WDvJWcnRpeCMZ+8c+KpcPRX5ZzUeKGcBdlw=

GET
H2

200

plugin.js Show response
plugin.mediavoice.com/
Redirect Chain

http://plugin.mediavoice.com/plugin.js
https://plugin.mediavoice.com/plugin.js

367 KB
137 KB

68ms
37ms

Script
application/javascript

2606:4700::6813:d983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.mediavoice.com/plugin.js
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: H2
Server: 2606:4700::6813:d983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fec1ad71c0a4db49db22b8efa3a6e1285a7513a28f1978f1358962e151717ee8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23695
content-type: application/javascript
content-length: 139678
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 11 Jan 2022 21:18:51 GMT
server: cloudflare
etag: W/"61ddf43b-5bcf7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-varnish: 2383191503 2383085425
via: 1.1 varnish
cache-control: max-age=43200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6de47506fa6dcc4e-ZRH
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 16 Feb 2022 05:18:59 GMT

Redirect headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://plugin.mediavoice.com/plugin.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6de4750699f701e3-ZRH
Expires: Wed, 16 Feb 2022 06:43:13 GMT

GET
H3

200

all.js Show response
connect.facebook.net/en_GB/
Redirect Chain

http://connect.facebook.net/en_GB/all.js
https://connect.facebook.net/en_GB/all.js

3 KB
2 KB

16ms
7ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c9f2b5eca36ae758acab82c51a6e158cac88a6a6b23243092086c268dcf1077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Tjtr8+0u9XIibh5zzNlc4Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: wz8QvH6ebo3HdpcFyuMRe3GIth8C3ppgkTY8tV8Ng93MlroNXcp5+ECa2U07CJZnJYvMmkutozEAe1geuR45sA==
x-fb-content-md5: 4d6ae16fb8bc6f22284e2eed76753680
x-frame-options: DENY
date: Wed, 16 Feb 2022 05:43:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d8629f4be5e51f9b469098149332c7ee"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 16 Feb 2022 05:59:07 GMT

Redirect headers

Location: https://connect.facebook.net/en_GB/all.js#xfbml=1
Non-Authoritative-Reason: HSTS

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 184ms
87ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d58874df689aa5f7fa093241def6a379ea8e40104f612f435f12d02447c5ed2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Syht6KMIMXnNeM0BxR/fEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "c287f014806a9e4c693e7509987366ea"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-Syht6KMIMXnNeM0BxR/fEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Wed, 16 Feb 2022 05:43:13 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 19ms
18ms XHR
text/plain 2a00:1450:400e:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=958003744&t=pageview&_s=1&dl=http%3A%2F%2F52.64.66.132%2F&ul=en-us&de=UTF-8&dt=Spatial%20Source%20%7C%20news%20on%20mapping%2C%20geospatial%2C%20surveying%20%26%20geo-data&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=129483162&gjid=955868428&cid=1413195530.1644990194&tid=UA-944137-41&_gid=2100383941.1644990194&_r=1&_slc=1&z=660930466

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://52.64.66.132/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 05:43:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://52.64.66.132
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

adsct
t.co/i/
Redirect Chain

http://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=573...
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=57...

43 B
337 B

127ms
110ms

Image
image/gif

104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=573f5d00-969d-4f03-8972-df15546487ae&tw_document_href=http%3A%2F%2F52.64.66.132%2F

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 16 Feb 2022 05:43:13 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: a2733cb42b517538d04313679ca128832fbb06f00179fe6349c764a2dddbedd2
content-length: 43

Redirect headers

location: https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=573f5d00-969d-4f03-8972-df15546487ae&tw_document_href=http%3A%2F%2F52.64.66.132%2F
x-response-time: 101
date: Wed, 16 Feb 2022 05:43:13 UTC
cache-control: no-cache, no-store, max-age=0
server: tsa_o
x-connection-hash: c15d2bff8a3c637b4c9f3f1f0dbfde430788bb160dbe17d3759193c414a366d1
content-length: 0

GET
H/1.1 200
OK insideIframe.js Show response
fast.wistia.net/assets/external/ Frame 3EB5 47 KB
15 KB 7ms
6ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.net/assets/external/insideIframe.js

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/embed/iframe/82w5qbyf7x?videoFoam=true

Protocol

HTTP/1.1

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

df981a01695742a1661653eedb6ee05ef84c79ada6eb8a4bedbbc6a981e25005

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/embed/iframe/82w5qbyf7x?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Age: 1934
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 14284
X-Served-By: cache-iad-kiad7000124-IAD, cache-hhn4050-HHN
Access-Control-Allow-Origin: *
X-Browser-Version: 98
Last-Modified: Wed, 09 Feb 2022 17:51:46 GMT
X-Timer: S1644990194.674723,VS0,VE0
ETag: "6203ff32-37cc"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=3600
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 13

GET
H/1.1 200
OK E-v1.js Show response
fast.wistia.net/assets/external/ Frame 3EB5 592 KB
142 KB 12ms
6ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/embed/iframe/82w5qbyf7x?videoFoam=true

Protocol

HTTP/1.1

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d5580d5aba5654980a02e5e5f82841206136f73441be36bfb01fc1a0329800f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/embed/iframe/82w5qbyf7x?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Age: 1937
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 145258
X-Served-By: cache-iad-kiad7000087-IAD, cache-hhn4059-HHN
Access-Control-Allow-Origin: *
X-Browser-Version: 98
Last-Modified: Wed, 09 Feb 2022 17:51:46 GMT
X-Timer: S1644990194.680800,VS0,VE0
ETag: "6203ff32-2376a"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=3600
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 4

GET
H2 200 swatch
fast.wistia.net/embed/medias/82w5qbyf7x/ Frame 3EB5 4 KB
5 KB 113ms
96ms Image
image/jpeg 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/82w5qbyf7x/swatch

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/embed/iframe/82w5qbyf7x?videoFoam=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3574c8bf6374df694afda9466316c67095687656f5676b499f0b31e8ec06649f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:13 GMT
access-control-request-method: *
age: 33282
x-cache: HIT, MISS
content-disposition: inline
content-length: 4195
x-served-by: cache-iad-kjyo7100122-IAD, cache-hhn4053-HHN
access-control-allow-origin: *, *
x-browser-version: 98
last-modified: Tue, 01 Feb 2022 22:13:01 UTC
x-timer: S1644990194.692758,VS0,VE90
strict-transport-security: max-age=0
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: public, no-cache, max-age=30971448
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 59ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-944137-41&cid=1413195530.1644990194&jid=129483162&gjid=955868428&_gid=2100383941.1644990194&_u=IEBAAEAAAAAAAC~&z=812499486

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://52.64.66.132/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 16 Feb 2022 05:43:13 GMT
content-type: text/plain
access-control-allow-origin: http://52.64.66.132
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1254366301255276 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 58ms
58ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1254366301255276?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9aed62523e942ff01300e2331f6b0ce030698f5a13ed3c453d89c59b2d31f9a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: u4od8gfZIQJ975gWpIk7SaxOAzvq6Tmg+FO4I2GDqAcJQgNSCaClHw1nI1d/JZDYYXSymliU7hAB68umNTTElQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 16 Feb 2022 05:43:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_GB/ 291 KB
82 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=b3ba10c82bf7eed19d72c7b9524cc9af

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_GB/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e39d6c08b0010cc885e322d8fafbcf368e84571122c984814f994071ffda863

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://52.64.66.132/
Origin: http://52.64.66.132
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: JmCrm7jXTgL2FdOMAlzVDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83618
x-fb-rlafr: 0
x-fb-debug: 1xwcLgW3vuwxYDcsT44M6RFOvDp7NrTuQ/7s/sgT/8adE982RpVEAcK43UGkcKeoz1tYB50zJWRHVTJ5Ii+4oQ==
x-fb-content-md5: 61e8efaeb5abcb74cae24eb84fb7a7f7
x-frame-options: DENY
date: Wed, 16 Feb 2022 05:43:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "de1827c710359f0668a04768459c2586"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Feb 2023 04:29:11 GMT

GET
H2 200 pubads_impl_2022021001.js Show response
securepubads.g.doubleclick.net/gpt/ 358 KB
120 KB 136ms
36ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 04:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122668
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 09:35:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Feb 2023 04:08:40 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 31 B
683 B 145ms
48ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=52.64.66.132

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2db4b8d3ec3c7d9a29b758d8e6f15bbe9891638ca9487eae419b1a3287eac34d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 05:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47
x-xss-protection: 0
expires: Wed, 16 Feb 2022 05:43:13 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 100ms
51ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-944137-41&cid=1413195530.1644990194&jid=129483162&_u=IEBAAEAAAAAAAC~&z=2005579517

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 05:43:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 136ms
49ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-944137-41&cid=1413195530.1644990194&jid=129483162&_u=IEBAAEAAAAAAAC~&z=2005579517

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 05:43:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wistia-mux.js Show response
fast.wistia.net/assets/external/ Frame 3EB5 132 KB
40 KB 7ms
6ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.net/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/E-v1.js

Protocol

HTTP/1.1

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f8e7798ef36d36df1886eb4900f3644d3eabd5ef406d7b6fa9b91c8da4844ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/embed/iframe/82w5qbyf7x?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Content-Encoding: gzip
Age: 1935
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 40540
X-Served-By: cache-iad-kiad7000121-IAD, cache-hhn4059-HHN
Access-Control-Allow-Origin: *
X-Browser-Version: 98
Last-Modified: Wed, 09 Feb 2022 17:51:46 GMT
X-Timer: S1644990194.826591,VS0,VE0
ETag: "6203ff32-9e5c"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=3600
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 6

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 23ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1254366301255276&ev=PageView&dl=http%3A%2F%2F52.64.66.132%2F&rl=&if=false&ts=1644990193840&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&it=1644990193687&coo=false&rqm=GET

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 16 Feb 2022 05:43:13 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 23ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1254366301255276&ev=spatialsource&dl=http%3A%2F%2F52.64.66.132%2F&rl=&if=false&ts=1644990193843&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&it=1644990193687&coo=false&rqm=GET

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 16 Feb 2022 05:43:13 GMT

GET
DATA 200
OK truncated
/ Frame 3EB5 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer: http://fast.wistia.net/
Origin: http://fast.wistia.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 200
OK swatch
fast.wistia.net/embed/medias/82w5qbyf7x/ Frame 3EB5 4 KB
5 KB 7ms
7ms Image
image/jpeg 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://fast.wistia.net/embed/medias/82w5qbyf7x/swatch

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/embed/iframe/82w5qbyf7x?videoFoam=true

Protocol

HTTP/1.1

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3574c8bf6374df694afda9466316c67095687656f5676b499f0b31e8ec06649f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/embed/iframe/82w5qbyf7x?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Access-Control-Request-Method: *
Age: 33282
X-Cache: HIT, HIT
content-disposition: inline
Connection: keep-alive
Content-Length: 4195
X-Served-By: cache-iad-kjyo7100122-IAD, cache-hhn4059-HHN
Access-Control-Allow-Origin: *, *
X-Browser-Version: 98
Last-Modified: Tue, 01 Feb 2022 22:13:01 UTC
X-Timer: S1644990194.896083,VS0,VE1
Strict-Transport-Security: max-age=0
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/jpeg
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: public, no-cache, max-age=30971448
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK ca1ab6687cad2d0c36a7589a27ee8ba8c85eef49.webp
embedwistia-a.akamaihd.net/deliveries/ Frame 3EB5 26 KB
27 KB 81ms
38ms Image
image/webp 2.16.106.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embedwistia-a.akamaihd.net/deliveries/ca1ab6687cad2d0c36a7589a27ee8ba8c85eef49.webp?image_crop_resized=640x360
Requested by: Host: fast.wistia.net
URL: http://fast.wistia.net/embed/iframe/82w5qbyf7x?videoFoam=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-106-58.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b233b4c1ff410000145fd9da3e01b87a3568a2359a98c80060cdfff16e0e69cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:13 GMT
Access-Control-Request-Method: *
surrogate-key: ca1ab6687cad2d0c36a7589a27ee8ba8c85eef49 thumbnail-delivery
Last-Modified: Tue, 01 Feb 2022 22:13:01 UTC
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: max-age=31150641
content-disposition: inline
Connection: keep-alive
Accept-Ranges: none
Content-Length: 26788

GET
H2 200 8838799.js Show response
js.hs-analytics.net/analytics/1644990000000/ 73 KB
21 KB 210ms
163ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1644990000000/8838799.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8838799.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3fb051ba1bd33dc66c438882d1b1588013f03d0e84730c17f4e10b3b7e8dd08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:14 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: AX49DTSY9S465D3Y
x-amz-server-side-encryption: AES256
cf-ray: 6de475083cd82325-ZRH
x-amz-id-2: jFHgQvVQgU4l3IpTvd4Jj7Q2x/AeT6juuQw7WvYaEARke7Hum/2fzmlL1m4oURO03mfNLDbrCc0=
last-modified: Mon, 14 Feb 2022 02:35:54 GMT
server: cloudflare
etag: W/"ccda55b2103ca176d2fa0ca6d8f38cfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Wed, 16 Feb 2022 05:48:14 GMT

GET
H2 200 8838799.js Show response
js.hs-banner.com/ 62 KB
16 KB 514ms
451ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/8838799.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8838799.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 467386d4fe8af838e24c2c5bceb0fdd98b5d698bcc5b3d508b6b6c9ab6757c67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:14 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: C31425WP0NR2PA36
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: UBkArv0DkMv+DRZXjxgFbQIjnsutyNqH5PIU0VI7bl1t51LvipiU35ACHVosmsDhbZgmONauxAM=
timing-allow-origin: *
last-modified: Mon, 14 Feb 2022 02:35:53 GMT
server: cloudflare
etag: W/"16c025bdd0e47fe1d3acfd5100cc083b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 22r09cPG4Dw6Rqyed_T1Tg.a6hQG2S0h
access-control-allow-origin: https://onimpact.com.au
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6de475084c18233d-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 16 Feb 2022 05:48:14 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 44ms
26ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:13 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 973
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6de475080fab0225-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 19 Feb 2022 05:43:13 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ 150 KB
51 KB 89ms
40ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24eba652967915088a60ca2e5d1827abe08c344883a55e580834470411a4e65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 05:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 520592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52422
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 05:06:42 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 159ms
47ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=52.64.66.132

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 05:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 128ms
45ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=52.64.66.132

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 05:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 173 KB
21 KB 163ms
115ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1466459820047246&correlator=2875175953671497&output=ldjh&eid=31060889&output=ldjh&gdfp_req=1&vrg=2022021001&ptt=17&impl=fifs&sc=0&sfv=1-0-38&ecs=20220216&iu_parts=58625620%2CSS_LB%2CSS_MREC1%2CSS_MREC2%2Css_skin%2Css_roadblock%2Css_strip&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=970x250%2C300x250%2C300x250%2C1920x1200%2C300x250%2C600x44%7C600x45&cust_params=ip%3D185.213.155.162%26url%3DHome%26post_type%3Dpage&cookie_enabled=1&bc=23&abxe=1&dt=1644990194005&lmt=1644990194&dlt=1644990191545&idt=2433&frm=20&biw=1600&bih=1200&oid=2&adxs=300%2C648%2C648%2C-160%2C-9%2C315&adys=144%2C663%2C1360%2C76%2C-9%2C540&adks=1727162820%2C549555199%2C3182220592%2C1869964590%2C2287901567%2C2790927923&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F52.64.66.132%2F&vis=1&scr_x=0&scr_y=0&psz=1000x0%7C303x12%7C303x12%7C1920x-1%7C0x-1%7C970x1976&msz=1000x0%7C303x0%7C303x0%7C1920x-1%7C0x-1%7C600x-1&ga_vid=1413195530.1644990194&ga_sid=1644990194&ga_hid=958003744&ga_fc=true&fws=0%2C0%2C0%2C512%2C2%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C0%7C-1%7C0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2b1c4a5da6df3b23ee22a7663363a99c67a1e0ba159dde84ecdfa0e8f5694244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21902
x-xss-protection: 0
google-lineitem-id: 5909060285,5890830611,5909618316,5862806088,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379852428,138378763864,138380103131,138379295367,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://52.64.66.132
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7f0304456aec3375c9542cec065ef76f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 80AC 6 KB
4 KB 157ms
48ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7f0304456aec3375c9542cec065ef76f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 16 Feb 2022 05:43:14 GMT
expires: Thu, 16 Feb 2023 05:43:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 web Show response
onesignal.com/api/v1/sync/16346010-a56d-4eb8-b2c5-4f7578a2b650/ 4 KB
2 KB 333ms
333ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/16346010-a56d-4eb8-b2c5-4f7578a2b650/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b88a45e2d23f12c55db5a99d4136c73a38360efd608e7516838c8b1719c5ec49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200 OK
x-envoy-upstream-service-time: 47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1ecb4d1b-d4c9-4de7-b0b0-b7d9d399ca22
x-runtime: 0.044579
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b88a45e2d23f12c55db5a99d4136c73a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6de47508bb190219-ZRH
access-control-allow-headers: SDK-Version
expires: Wed, 16 Feb 2022 06:43:14 GMT

GET
H/1.1 200
OK playPauseLoadingControl.js Show response
fast.wistia.net/assets/external/ Frame 3EB5 59 KB
19 KB 6ms
6ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.net/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/E-v1.js

Protocol

HTTP/1.1

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

705df238a5ec0beb0caf8c639555a4d32d9de27d2cd3be715f639c625f23f7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/embed/iframe/82w5qbyf7x?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Content-Encoding: gzip
Age: 1935
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 18435
X-Served-By: cache-iad-kcgs7200037-IAD, cache-hhn4059-HHN
Access-Control-Allow-Origin: *
X-Browser-Version: 98
Last-Modified: Wed, 09 Feb 2022 17:51:46 GMT
X-Timer: S1644990194.032684,VS0,VE0
ETag: "6203ff32-4803"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=3600
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 5

GET
H/1.1 200
OK hls_video.js Show response
fast.wistia.net/assets/external/engines/ Frame 3EB5 419 KB
119 KB 7ms
7ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.net/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/E-v1.js

Protocol

HTTP/1.1

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eab609633d113323aea890fbc91dd9723b98518d6dc98b9f63a11ea3c60372b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/embed/iframe/82w5qbyf7x?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Content-Encoding: gzip
Age: 1935
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 121169
X-Served-By: cache-iad-kcgs7200173-IAD, cache-hhn4059-HHN
Access-Control-Allow-Origin: *
X-Browser-Version: 98
Last-Modified: Wed, 09 Feb 2022 17:51:46 GMT
X-Timer: S1644990194.054227,VS0,VE0
ETag: "6203ff32-1d951"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=3600
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 4

GET
H/1.1 200
OK blank.gif
fast.wistia.net/assets/images/ Frame 3EB5 1 KB
2 KB 6ms
6ms Image
image/gif 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://fast.wistia.net/assets/images/blank.gif

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

HTTP/1.1

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://fast.wistia.net/embed/iframe/82w5qbyf7x?videoFoam=true
Origin: http://fast.wistia.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 34337
X-Cache: HIT, HIT
X-Cache-Hits: 2, 576
Connection: keep-alive
Content-Length: 1214
X-Served-By: cache-iad-kjyo7100157-IAD, cache-hhn4059-HHN
X-Browser-Version: 98
Last-Modified: Tue, 15 Feb 2022 20:09:02 GMT
X-Timer: S1644990194.110859,VS0,VE0
ETag: "620c085e-4be"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK v2 Show response
embedwistia-a.akamaihd.net/deliveries/f235e88ba8014c7873f5b3269cd2aefac1d92117.m3u8/ Frame 3EB5 5 KB
6 KB 47ms
20ms XHR
application/vnd.apple.mpegurl 2.16.106.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/f235e88ba8014c7873f5b3269cd2aefac1d92117.m3u8/v2
Requested by: Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-106-58.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8e4307d0960319653bc94a19814fabe8847ffc8e53495bfd57d7ea7b79545c01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Access-Control-Request-Method: *
surrogate-key: f235e88ba8014c7873f5b3269cd2aefac1d92117-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=30336166
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5371
Expires: Thu, 02 Feb 2023 08:26:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F9B7 0
0 50ms
50ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8NpWxGzhwo21ptoIJkwgu0nmzDkzxrlgROm2W2MwV1lBj0LAW136fl2tQi7nc72xwDqoxpVNA90tCFUfv-kcy9CI5bF-_lxb6Oey-NijKpbRgfZZDtrbccXRVFVF0dXfk_tnlgsoFYbV9y1vcqq3_szzGzWQ0F39F6yKdUaDN2cFh9Ml4RSqwpAUaULCOap7ELtpNF14bsEmDCt98TEQjhnlQuSA4xM4cAOPr70rwe6jc0A9rx72_B9bBWO347kiVXHiqVW9QXCt4fg_y8rmP2K-7dzB3-QWrMb1-md4&sai=AMfl-YQzkjS-mNt1Kiejpj7d4OtK_8HpVhbF0pobBXWArkecrBgFPB3YRSGPg_hkMb0YnS3wUhfmAVXIxATh0uVgUM3ZLmuAxmDlXT3Mar_tyY5l4mBit675w7a9LZQNgGQ&sig=Cg0ArKJSzHV5PdlJCtaIEAE&uach_m=[UACH]&adurl=

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 05:43:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Feb 2022 05:43:14 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/ Frame F9B7 19 KB
8 KB 138ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b52450a51eb0ff7ca3a47d71c81fe11ae9bb2defd351861dc135fcc68d48736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7847
x-xss-protection: 0
server: cafe
etag: 11854797672689052815
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 05:37:27 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame F9B7 2 KB
1 KB 350ms
249ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 05:22:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9B7 124 KB
38 KB 139ms
55ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 05:43:14 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame F9B7 0
0 85ms
46ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaQA7vHhCRBk2RG68mAS57p4JCU75hmWzKzCs7vZhNjhJPosoxB0zxJu676d78GKlb3_cSihFxe81o3rFeD1Rz2-I-8cdw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 4365928910642822718
tpc.googlesyndication.com/simgad/ Frame F9B7 288 KB
288 KB 250ms
150ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4365928910642822718

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cad0546d431d9aaa66508eb31bc7c9b3e0fa5772dca9d182067022ab327b8b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:59:31 GMT
x-content-type-options: nosniff
age: 146623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 294920
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 21:40:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Feb 2023 12:59:31 GMT

GET
H/1.1 200
OK seg-1-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/f235e88ba8014c7873f5b3269cd2aefac1d92117.m3u8/v2/ Frame 3EB5 321 KB
321 KB 501ms
501ms XHR
video/mp2t 2.16.106.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/f235e88ba8014c7873f5b3269cd2aefac1d92117.m3u8/v2/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.106.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-106-58.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3aab2448c049b68988ce2e71227e53a739021bc8e09ef5d8f5b53ed40ecb422b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:14 GMT
Access-Control-Request-Method: *
surrogate-key: f235e88ba8014c7873f5b3269cd2aefac1d92117-hls-segment purge-experiment-17
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=31533232
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 328248
Expires: Thu, 16 Feb 2023 04:57:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 17B5 0
0 54ms
52ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstD7Ru6Tp_T5e34vZ0x9-K-tgGpTemYAa2UetGeNf6hSNVAIdLobpdiGlq6njc9LpS5KnE-yoW2NLPkC9LmcBADeeO1czM7e0Uwzwiymlp7tfTmy9f71uCiSLFDZWKI0ir6RznW3F-oJiugrx0geWt00oet9_WiWOUDl5_NFWvt6G8dewszzNKRNLzsIgboFUu0dju0u-2dq7uvKYeueVMssx0hAfmqd4WOHOkPXS6qYY5v1pAYd6013dKjYD6ahhgC_zckz55BL4sPTTCWgwauEt1NKtPz-tCgFgVOs2XPu0&sai=AMfl-YSAnIMV4Ci6PG8w9nzkZu_DT3OCCTwKad69DdMyETNZ1GUvr0nZFbmIAjVQul0iXWAZWb6KLgSNW-wCyt2v2Hcp_hiWWfiin91v4AxPw_8phOdlHprjBwvcs2HEAIs&sig=Cg0ArKJSzG4pHKJnb7EjEAE&uach_m=[UACH]&adurl=

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 05:43:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Feb 2022 05:43:14 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/ Frame 17B5 19 KB
8 KB 126ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b52450a51eb0ff7ca3a47d71c81fe11ae9bb2defd351861dc135fcc68d48736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7847
x-xss-protection: 0
server: cafe
etag: 11854797672689052815
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 05:37:27 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 17B5 2 KB
1 KB 332ms
250ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 05:22:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 17B5 124 KB
38 KB 202ms
137ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 05:43:14 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame 17B5 0
0 82ms
43ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaQbU-zkUHvs2UDMmR2spnZX75Yk1kwz_tUKHOomFmFZ6SCgoMk42MsudeGQ-mcvBqVSAV7Sevwe3hmtXKy7GKLX6eqCUg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 5029323125800272278
tpc.googlesyndication.com/simgad/ Frame 17B5 22 KB
22 KB 164ms
82ms Image
image/gif 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5029323125800272278

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98674dbf8c788342366178b2dd32c54b29ace00305e087c1a3c8454d3294ce4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 06:33:19 GMT
x-content-type-options: nosniff
age: 342595
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22156
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 05:05:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Feb 2023 06:33:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8260 0
0 50ms
50ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFBDt1QAeQTbq4XzanKg9jI9_-AVUtpqLF0fWHN2FJ0y-pR-dH8pQxFbUGkPZe8kDTbs7EnwyniS05JMXbx2dZ7pNyepYe5EVYCTSo7rMeyZ4Kut7k6ya7NNfOHuid5V6T37X6dTP-K-j34FZQBtWoXxb9aNHsR6oUj4NSf5oCaHfVwV-gRW18NFz9FVv-5hpF2QaohrHsJfO83yVDISpgxE_F1R6KcSfDYiweiXh8Qoh6UR89bZMsCa5XRo-LCJlw9l3qYxsKHRTqKzMm65OLzc_rMjTz98fqsEwFc5bM0q8&sai=AMfl-YQK1BgcNlQwnKWQmlRhpCWVDtlzX5bpgJe0fzE2a5AFGLAa-P2fGEGRKrGmG5EkuA9Do2gdILEhZ-qGPXRb1CCBu3TxhirjehqKjjTd3xXdX-vLbJIgfgIo5GtsgJ0&sig=Cg0ArKJSzCjrqlQZOJFCEAE&uach_m=[UACH]&adurl=

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 05:43:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Feb 2022 05:43:14 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/ Frame 8260 19 KB
8 KB 128ms
48ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b52450a51eb0ff7ca3a47d71c81fe11ae9bb2defd351861dc135fcc68d48736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7847
x-xss-protection: 0
server: cafe
etag: 11854797672689052815
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 05:37:27 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 8260 2 KB
1 KB 251ms
248ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 05:22:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8260 124 KB
38 KB 193ms
131ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 05:43:14 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame 8260 0
0 80ms
44ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaTkb-ns2lN5ip-ZDyVa-9ukpqNuXOqmAEe5_ePXUk3qSHTcyIB1pCSbZ7-n_nwYf5HxAogGyRYMxdvPX9MfIjnzgkcphQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 14626753481764807202
tpc.googlesyndication.com/simgad/ Frame 8260 59 KB
59 KB 165ms
98ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14626753481764807202

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4ec89099e4cb0b44951c2cee2822fa3b38cab19001be8caf9c7798cc0e4969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 21:04:14 GMT
x-content-type-options: nosniff
age: 290340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60425
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 21:33:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Feb 2023 21:04:14 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0362 0
0 49ms
49ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspZMBlSB6LLexAEORZa_pzR4UJ4sEBOk0YzIZD1fnTL7z5ovL3bLdj5EZeOjOyNWGH9fMUZP6zdIQ7k7B_YLaoZc7KrBzRsDyaf1SgYSnG9uZm5thmm4gWrgoXlY4XMpurIqjCBt_2__37HtObxOoAti8BRxE70svavzdMWxkItdZYyvZaE0n2IZyhm4qxbqhfHG9ocG4jk1ohzcrEBzzUm792qqvBcAakdxP-2PQvBsfmsW_wx-ZsNEwIdb4stgaiIRP9l2PdTy1TPlxr7b15OWhoWlqP7WyAlKHb1kT61A&sai=AMfl-YQCi63kkhuuDr5PYRJZ7G41k-kJDHFWZ64nwpzEywn6eL2RkTwMZ32LVhH4vXULigDHpm_W0UAYHZ-cd_jO3NE4eZAplU7XfWm4x28loGBccqd42MciMwo1X6NoWsI&sig=Cg0ArKJSzCJXMgvuTGktEAE&uach_m=[UACH]&adurl=

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 05:43:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Feb 2022 05:43:14 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/ Frame 0362 19 KB
8 KB 147ms
74ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b52450a51eb0ff7ca3a47d71c81fe11ae9bb2defd351861dc135fcc68d48736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7847
x-xss-protection: 0
server: cafe
etag: 11854797672689052815
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 05:37:27 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/ Frame 0362 2 KB
1 KB 252ms
248ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220214/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Mar 2022 05:22:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0362 124 KB
38 KB 158ms
103ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38569
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644842073869169"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 05:43:14 GMT

GET
H2 200 13180581854255220910
tpc.googlesyndication.com/simgad/ Frame 0362 536 KB
536 KB 201ms
135ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13180581854255220910

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

621caa7c6bb06829af5411b5edcba69d4072c7604f220c28003bc339461878d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 06:33:19 GMT
x-content-type-options: nosniff
age: 342595
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 548948
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 22:07:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Feb 2023 06:33:19 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F622 0
18 B 17ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: http://52.64.66.132
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/

Response headers

content-type: text/plain
access-control-allow-origin: http://52.64.66.132
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Wed, 16 Feb 2022 05:43:14 GMT

GET
DATA 200
OK truncated
/ Frame F9B7 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e6d5afa169b0a231727459894147fd6f2ee7c38b0b4b157cbaed9c542157fc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 x Show response
distillery.wistia.com/ Frame 3EB5 0
96 B 318ms
102ms XHR
text/plain 52.86.94.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.94.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-94-156.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://fast.wistia.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 16 Feb 2022 05:43:14 GMT
cache-control: max-age=0, private, must-revalidate

GET
DATA 200
OK truncated
/ Frame 0362 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a184277f6b02cf51e29f17410da5a66b8f2f83ea5d104b531a44dda22fc0b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 17B5 0
0 98ms
50ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPq1iVh2nmpoCCqva2B1mEvDNt5n1YA1QAn3HXdGyCOA9plVOgKmk7bRXN-w26zZ5XGwSulILrDGKM9QfrykBWn-ipOm_OICcJhr8RgeTUQy5K2euvmIzSN1vKGwWWUqmASjh-p12UAvQ91h_byIRhQ4oz3gZji6wPYaTQ9MFckaSiTmBJDSh1ghffRWupTNPpQCZdgxis_DZZy9ViugtfGxvasS8U8c9swewyK_r6EAv-wVT4ACAJMEq5U5fY2iSTZIQiiS-vw94UkiG6icG2ynEnXRwtj4QmBehHKo-KRQ1xUw&sai=AMfl-YQrxbcBrAdEW0xGXHj3OUXBcjUE9YoabCV0oFOTESxKR5Vi9nue1FEZo5C_O9FtOAUYqPu9IB6I4_CejEkv5XalSmOWK7dFkZm-bERDLx6dik7MONVJI8_fqR6y8bg&sig=Cg0ArKJSzJNksocOLwE_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 05:43:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Feb 2022 05:43:14 GMT

GET
DATA 200
OK truncated
/ Frame 17B5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86aa8e1aaec7976d8759442de164a37fc71c93e32d8b98617a84a8a0d56229ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8260 0
0 86ms
49ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3ttWOPH_fDa-R5BQm0Ng811s7Sk2jPEFHyDf_EhhOFFIZ20g5SXMEc54YWmzcvY-xin50tcfEB1sAEE5Oh8O7um09EiWFHPPya75nWygxkhhiiUvpzXaGuI2PR22zb8aUDf2ErCY5fA1rQ1EYxDpRziqhD2A70zgS97cGdtZiZJqKT2vjLITE1givgKMeesbKKaFX_9daPCMOdvORXKX6UWqZiN8Ygpxwjen1KF--y8du0wo1Qhxdukzjuo0XnTYNQjZRVHhy5FEXqzP0b8UvjYrhxqId0U3IT7HkNOd3DRvfCQ&sai=AMfl-YQzUm20f_xnka_fb8BaA_uHOEg5GJlGMCUQIUoLjAXbjl0Y0IxEK57PCV_Bj2-gifUvCs_IGBCohqjVs_y9FAMvMh2yhO14Zc9N8JTAHlyaFLO6U4akOyUv16CQrpM&sig=Cg0ArKJSzHmgoV7f3IF1EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 05:43:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Feb 2022 05:43:14 GMT

GET
DATA 200
OK truncated
/ Frame 8260 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b53a165f02941e6d0f0f753dd4d9fb9f0e9117007e2dc6c313871209244f909

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F9B7 0
0 50ms
50ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCQxCDmOtibVuwZxQEjvNe_OHuc9J9XeQbI0xV4Ei1voFbl0IPqEaAmQ-RoA4Ao_SJquWC54CFRehUtKL632CuMAXgsefnGN7DUey3kzWjMUA-khYRFt1MlCcSsSzzoNTivBpGaNFOfTF4pKvfnTNPiMRpnddlRKhBeZ5J3Anb-klmlzrd74dxL6DijPlY8krCxmDVzJ0zhLGgA6l9I4qMzhptGx9EoxvXvvCjxpFtsDHc21uxxMVgH3I7Ulg9UHWVrjS2-pWRgXqRHq3PtKyoagZkDpmnWmXIEdiI_hv2aQ&sai=AMfl-YTHnXuV5uWhGyTQcwkKrsSaRgUvbfiu0YYs8Hea8laFFAhTGJIsAi4OyVeltFeyMMadgpoo_h-pz2uywUtsZdpKPVxh1uThIpM853mw5UTqVIXcvBUMVjAs13-y0iw&sig=Cg0ArKJSzFQJvMSgSDpLEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 05:43:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Feb 2022 05:43:14 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0362 0
0 50ms
49ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIGKpfsn-nivkeztrX-D4pvalaU5vyvw9nuJWsPPykmmeZJMXKnit3RprmBSknHQeJkBUyVvhzhSgZVoEDB-Q8dW0cuCclvaxdEr0-qzNR0QbqBSXmY4uotENbTixZvGBDvvPZ1rytz1HZ6TctxP6wvpV8MSElbs7643tWBdkL9g0RynRQxJe59eiExdUkzB6BJJgPEwq_bxjm3WoApPdfe8N1JZI3BQJtmUwZ-PvPJBikWyBncqz8E5HDLtkdcQJsD-t_fSw15HJT9GeZ1ePuk7TaQh4cNM_TdjVA6YFN9X-V&sai=AMfl-YTI1XnB13fEW3akxq6ZJc4GNYh56rVvJhpgQIRiyrOC9rp4M6u5U5DYx4qg153Y4gQdIfdQxFdHlL69Rt6Fh8OqQ5gQ6GOJJPzS3c4_sBTfTIHFbDXrTWSYNZojdAk&sig=Cg0ArKJSzCn6KG1iLnbtEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 05:43:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Feb 2022 05:43:14 GMT

POST
H/1.1 200
OK mput Show response
pipedream.wistia.com/ Frame 3EB5 2 B
219 B 227ms
103ms XHR
text/plain 34.224.182.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/E-v1.js
Protocol: HTTP/1.1
Server: 34.224.182.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-182-144.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: http://fast.wistia.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 16 Feb 2022 05:43:14 GMT
Connection: keep-alive
Content-Length: 2
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK allIntegrations.js Show response
fast.wistia.net/assets/external/ Frame 3EB5 26 KB
9 KB 7ms
7ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.net/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/E-v1.js

Protocol

HTTP/1.1

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e9fcba14ea80a15948ec75eab4b77a7f279cd9f17975102980d27706ea0ccb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/embed/iframe/82w5qbyf7x?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:15 GMT
Content-Encoding: gzip
Age: 1934
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 8235
X-Served-By: cache-iad-kjyo7100119-IAD, cache-hhn4059-HHN
Access-Control-Allow-Origin: *
X-Browser-Version: 98
Last-Modified: Wed, 09 Feb 2022 17:51:46 GMT
X-Timer: S1644990195.033570,VS0,VE1
ETag: "6203ff32-202b"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=3600
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 2, 1

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ 354 KB
140 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&ver=5.8.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34ddb17fa5ce3277bc2c28f8baf901a219c50a7808feee12fe23f2a2a69961e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://52.64.66.132/
Origin: http://52.64.66.132
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142486
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 17:33:37 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-513fd7cb1395bbd7/ 3 KB
1 KB 237ms
230ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-513fd7cb1395bbd7/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 106d90fc7fd9bee8a71251d6a93f013a40bdcaeffa8d94d4e0c8533eb56f918d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:15 GMT
content-encoding: gzip
etag: -739611738--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 906

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 229ms
209ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=620c8ef12e8b5950&bkl=0&bl=1&pdt=2729&sid=620c8ef12e8b5950&pub=ra-513fd7cb1395bbd7&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=52.64.66.132&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1644990195404&jsl=8321&uvs=620c8ef187e40a1d000&skipb=1&callback=addthis.cbs.jsonp__034849072164599090
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bb05aaab91b517a69cfa371a77ee31eceb0bd9ee7b28e4cdcddc3bc9e708f06b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 05:43:15 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame A09E 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 0C6F 71 KB
26 KB 45ms
44ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 16 Feb 2022 05:43:15 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
459 B 137ms
122ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=573f5d00-969d-4f03-8972-df15546487ae&tw_document_href=http%3A%2F%2F52.64.66.132%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: http://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 114
date: Wed, 16 Feb 2022 05:43:14 GMT
content-encoding: gzip
server: tsa_o
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 90806662459be470b0826e7a8a59da74c92266ddfc392a9e25e17a641ccc0b0a
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H/1.1 200
OK widget_iframe.4e067713e19d4fff483536ddc4df18b9.html Show response
platform.twitter.com/widgets/ Frame 535E 319 KB
104 KB 28ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=http%3A%2F%2F52.64.66.132
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BD) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 642869
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 16 Feb 2022 05:43:15 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Tue, 01 Feb 2022 20:00:09 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BD)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame A33D 34 KB
13 KB 59ms
59ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df118722073fdea%26domain%3D52.64.66.132%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252F52.64.66.132%252Ff1ba5da146afbb4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FSpatialSource&layout=button_count&locale=en_GB&sdk=joey&share=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=b3ba10c82bf7eed19d72c7b9524cc9af

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

022dc8a93ad638ee164d0cd6a2457dee7d1253e8e7359e0dff83cb1afc310ab6

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: O6v8/xo0560Bl659lQRTpKqCWBmVkweZH0Hqzy+TukidhXLH9MBcgkmy+aP0H8ia/5aUcChkvYdiJ6taZXpPwA==
date: Wed, 16 Feb 2022 05:43:15 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H2 200 wt Show response
polarcdn-engine.com/ 3 B
492 B 199ms
136ms XHR
application/octet-stream 2606:4700::6812:963
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-engine.com/wt?e=1&n=3&p=NA-SPATSOUR-11238412&s=1&u=36beafd9-8757-428f-8425-fae168e0717a&v=2%2F1006e6c&w=1.226.0&y=w&z=v1.7.8&pas=dfp&pag1=default&pag2=%2F58625620%2Fss_sc&pae=h&pai=bbd42&d=52.64.66.132&pajs=div.latest-news+.posts%3Aeq(3)&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&t=atx&parcid=f2826&parid=542d5&parin=1&pvhref=http%3A%2F%2F52.64.66.132%2F&_=1644990193912
Requested by: Host: plugin.mediavoice.com
URL: http://plugin.mediavoice.com/plugin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:963 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept: text/plain, */*; q=0.01
Referer: http://52.64.66.132/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:15 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
x-amz-request-id: 3DYH7BP78FX974EG
content-length: 3
x-amz-id-2: OS7lFFEynEcRniwmHpSLBiVYOADSuGkdSLQE+o/z090ppOmzPLPvKMAozc/ztlJZTNKEE84efFc=
last-modified: Mon, 31 May 2021 19:44:05 GMT
server: cloudflare
etag: "28e4477bb454eb35226fe56082545e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6de47511d99c01e3-ZRH

GET
H/1.1 200
OK ads Show response
pubads.g.doubleclick.net/gampad/ 312 B
944 B 104ms
67ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pubads.g.doubleclick.net/gampad/ads?callback=jQuery22402964555628367669_1644990193913&gdfp_req=1&correlator=2875175953671497&output=json_html&iu=%2F58625620%2Fss_sc&sz=2x2&gut=v2&ifi=1&json_a=1&url=http%3A%2F%2F52.64.66.132%2F&_=1644990193914

Requested by

Host: plugin.mediavoice.com
URL: http://plugin.mediavoice.com/plugin.js

Protocol

HTTP/1.1

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c194a832e2c7d7e86907bcf3811b42113bece688ad89f3bbe6c159c5265d6e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Google-MediationGroup-Id: -2
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 239
X-XSS-Protection: 0
Google-LineItem-Id: -2
Pragma: no-cache
Server: cafe
Google-MediationTag-Id: -2
Google-Creative-Id: -2
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 17B5 42 B
263 B 59ms
44ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbJcRt-jt6qc2uaKzj4z-SD8bAaBV6z-pyFMFxsD5lrSQ_LqfsaTVlCIpqan6ZLBgdCpo7nd9ZOTIpXOalVEql1eUenLQTvbpBDZeOlcRVLsl67UuW&sig=Cg0ArKJSzCLVYn-YIjwBEAE&id=lidar2&mcvt=1007&p=843,650,1093,950&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20220214&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=549555199&rs=4&la=0&cr=0&vs=4&r=v&rst=1644990194210&rpt=251&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 05:43:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 535E 294 B
470 B 133ms
111ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=9186419d34fa4170b1993feb28fe36a5b2fed562

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=http%3A%2F%2F52.64.66.132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

6a11ed67c58014e454f15946451a64aa309798e5744ccb02c01b1ea23c957e42

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 105
date: Wed, 16 Feb 2022 05:43:14 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 05:43:15 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: da9834a1c0b253dce5177a6c8b7ec8c1df967b9faa3610d64b2ab6cafd47c2a7
content-length: 190

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1DBD 7 KB
1 KB 51ms
51ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQt7AUAAAAAAdXsdjH9vvrDYJNKEr5x9Qj4U3m&co=aHR0cDovLzUyLjY0LjY2LjEzMjo4MA..&hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ&theme=light&size=invisible&badge=bottomright&cb=g9wu5gqn3pn5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

37cfa90714ce98e57e97423a2dc1d1fc21e0e00e89e4dae447e37973bf6fb004

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UCsgPFFuxFnbhcJRiFg5wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-security-policy: script-src 'report-sample' 'nonce-UCsgPFFuxFnbhcJRiFg5wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
content-encoding: gzip
date: Wed, 16 Feb 2022 05:43:15 GMT
expires: Wed, 16 Feb 2022 05:43:15 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1040
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame A33D 400 B
867 B 15ms
7ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df118722073fdea%26domain%3D52.64.66.132%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252F52.64.66.132%252Ff1ba5da146afbb4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FSpatialSource&layout=button_count&locale=en_GB&sdk=joey&share=false&show_faces=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:15 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 400
x-fb-rlafr: 0
x-fb-debug: lwKVVCTnh9GWS0BWVpnFTkXrEofjsWRf6LfafGoXwjvA9wV3yv9+joWkWPB53ZTI309DkTX7lKMW4RyugTUO+Q==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 15 Feb 2023 17:07:11 GMT

GET
H2 200 kvin3s75zzY.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/y4/l/en_GB/ Frame A33D 520 KB
136 KB 23ms
7ms XHR
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/y4/l/en_GB/kvin3s75zzY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e336f31b4659ca7befc4bd7611580774aed88e4617f32386e551320e7a29309f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: u2iWsoMsbOtJAS2toTFtFw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 139023
x-fb-rlafr: 0
x-fb-debug: eBKIPHbsG08QB9xmOOYGD91s9hCt0XCW5qe+7p5ztaQzYq7K243z2j1UA3amixQ5/vSSu//A8V7ub8A/xmjFnA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 16 Feb 2023 01:06:04 GMT

GET
H3 200 kvin3s75zzY.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/y4/l/en_GB/ Frame A33D 520 KB
136 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/y4/l/en_GB/kvin3s75zzY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e336f31b4659ca7befc4bd7611580774aed88e4617f32386e551320e7a29309f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: u2iWsoMsbOtJAS2toTFtFw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 139023
x-fb-rlafr: 0
x-fb-debug: eBKIPHbsG08QB9xmOOYGD91s9hCt0XCW5qe+7p5ztaQzYq7K243z2j1UA3amixQ5/vSSu//A8V7ub8A/xmjFnA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Feb 2023 01:06:04 GMT

GET
H2 200 wt Show response
polarcdn-engine.com/ 3 B
68 B 220ms
219ms XHR
application/octet-stream 2606:4700::6812:963
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-engine.com/wt?e=2&n=3&p=NA-SPATSOUR-11238412&s=1&u=36beafd9-8757-428f-8425-fae168e0717a&v=2%2F1006e6c&w=1.226.0&y=w&z=v1.7.8&pas=dfp&pag1=default&pag2=%2F58625620%2Fss_sc&pae=h&pai=bbd42&d=52.64.66.132&pajs=div.latest-news+.posts%3Aeq(3)&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&t=arx&parcid=f2826&parid=542d5&parin=1&partm=1&par=n&maxts=0.112&pvhref=http%3A%2F%2F52.64.66.132%2F&_=1644990193915
Requested by: Host: plugin.mediavoice.com
URL: http://plugin.mediavoice.com/plugin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:963 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept: text/plain, */*; q=0.01
Referer: http://52.64.66.132/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:15 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 0
cf-ray: 6de4751229ea01e3-ZRH
content-length: 3
x-amz-id-2: OS7lFFEynEcRniwmHpSLBiVYOADSuGkdSLQE+o/z090ppOmzPLPvKMAozc/ztlJZTNKEE84efFc=
last-modified: Mon, 31 May 2021 19:44:05 GMT
server: cloudflare
etag: "28e4477bb454eb35226fe56082545e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET
x-amz-request-id: 3DYH7BP78FX974EG
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F9B7 42 B
108 B 47ms
47ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssikof3Kv3ZC5zd_ko9gqdANMBhznktPJaSFrZN2UTbARC5PWNgKv9TOVQcp-wJlTmAKSnJ6tZ8QyTAJGxySZoJOURGYxOulIZxprOW2iB7twfDpUIA&sig=Cg0ArKJSzJ6hcPrtCEODEAE&id=lidar2&mcvt=1004&p=144,315,394,1285&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220214&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1727162820&rs=4&la=1&cr=0&vs=4&r=v&rst=1644990194192&rpt=341&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 05:43:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0362 42 B
64 B 48ms
47ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqwSWCqeIQDsrmfj1WCJ-SZ6XYQ_Q5SOydpp3n1Jc5ifXrBlb299bx8AYopEVAEvMKjuRe-qW_khNzPah5OXGGjavAOSsLAL0vKFDaesnYxwxy2y9y&sig=Cg0ArKJSzKwMKCHpFo_SEAE&id=lidar2&mcvt=1024&p=76,-160,1276,1760&mtos=0,1024,1024,1024,1024&tos=0,1024,0,0,0&v=20220214&bin=7&avms=nio&bs=1600,1200&mc=0.78&app=0&itpl=3&adk=1869964590&rs=4&la=1&cr=0&vs=4&r=v&rst=1644990194220&rpt=331&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 05:43:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame 1DBD 51 KB
24 KB 88ms
40ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQt7AUAAAAAAdXsdjH9vvrDYJNKEr5x9Qj4U3m&co=aHR0cDovLzUyLjY0LjY2LjEzMjo4MA..&hl=en&v=BycHQdSIhzR_1EcOLw2mOzYQ&theme=light&size=invisible&badge=bottomright&cb=g9wu5gqn3pn5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 11:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 11:54:36 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame 1DBD 354 KB
139 KB 87ms
39ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34ddb17fa5ce3277bc2c28f8baf901a219c50a7808feee12fe23f2a2a69961e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:33:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142486
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 17:33:37 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 9ms
9ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 16 Feb 2022 05:43:15 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H/1.1 200
OK button.1c2a6e168692ffea6cc8d4efc5b6f6bc.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.1c2a6e168692ffea6cc8d4efc5b6f6bc.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BD) /
Resource Hash: e4adc260fa5bff268e2359ba73814e154d7e3cd828dd946b8076d6b5129218a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 05:43:15 GMT
Content-Encoding: gzip
Age: 642874
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 2293
x-tw-cdn: VZ
Last-Modified: Tue, 01 Feb 2022 19:59:50 GMT
Server: ECS (frb/67BD)
Etag: "0fe442c8a1482a5540ef9bb91b588585+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK follow_button.4e067713e19d4fff483536ddc4df18b9.en.html Show response
platform.twitter.com/widgets/ Frame 57DA 36 KB
14 KB 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.4e067713e19d4fff483536ddc4df18b9.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BD) /
Resource Hash: d8e845c4e0ddaf71ae4255f8ba7e005e7d21177daec307afffcc48b688c793c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 642874
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 16 Feb 2022 05:43:15 GMT
Etag: "68d3a5c309935076804e1c738562cfc1+gzip"
Last-Modified: Tue, 01 Feb 2022 19:59:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BD)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13629

GET
H2 200 140.61020b6c086bdb8bc696.js Show response
s7.addthis.com/static/ 2 KB
1010 B 9ms
9ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/140.61020b6c086bdb8bc696.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-688"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 16 Feb 2022 05:43:15 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 770

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1DBD 2 KB
2 KB 39ms
39ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 38607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 22 Feb 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1DBD 15 KB
15 KB 80ms
36ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 45394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 17:06:41 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
357 B 116ms
115ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2F52.64.66.132%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1644990195844%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%220a8eea3%3A1643743420422%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Wed, 16 Feb 2022 05:43:15 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: da9834a1c0b253dce5177a6c8b7ec8c1df967b9faa3610d64b2ab6cafd47c2a7
x-transaction: 5b337ec262f96c0b
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H/1.1 200
OK / Show response
fg8vvsvnieiv3ej16jby.litix.io/ Frame 3EB5 0
172 B 103ms
103ms XHR
text/plain 3.217.16.251

General

Check archive.org

Show headers Download Go to

Full URL: https://fg8vvsvnieiv3ej16jby.litix.io/
Requested by: Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/wistia-mux.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.16.251 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://fast.wistia.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 16 Feb 2022 05:43:19 GMT
Connection: keep-alive
Content-Length: 0
Access-Control-Allow-Methods: POST, GET

OPTIONS
H/1.1 200
OK /
fg8vvsvnieiv3ej16jby.litix.io/ Frame 0
0 429ms
101ms Preflight 3.217.16.251

General

Check archive.org

Show headers Download Go to

Full URL: https://fg8vvsvnieiv3ej16jby.litix.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.16.251 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://fast.wistia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Date: Wed, 16 Feb 2022 05:43:19 GMT
Content-Length: 0
Connection: keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secure.intermedia.com.au
URL: https://secure.intermedia.com.au/images/mags/position_cover.jpg

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
52.64.66.132/	1970-01-20 18:27:42	Name: _ga Value: GA1.1.1413195530.1644990194
52.64.66.132/	1970-01-20 00:57:56	Name: _gid Value: GA1.1.2100383941.1644990194
52.64.66.132/	1970-01-20 00:56:30	Name: _gat Value: 1
.google.com/	1970-01-20 05:20:01	Name: NID Value: 511=B3PqNaSk3NSAOzj0DAvFElIi0Z2taBnXTTg1NpifQJWoCgIVZlAop2gajaXl5Jl2vluxkwS3Qf2aCFQE2wnnqjBZlDuUxlBPiU0sCzAwmv1CNmiaYztqHHTMaurqmJUClKfdrws4A2q76tcWGKLjRxHY9wKUw4TGmwfT_kTDsj0
.t.co/	1970-01-20 18:27:42	Name: muc_ads Value: c1d7a576-d8b7-42d0-aa87-cce3b82ca952
.doubleclick.net/	1970-01-20 10:18:06	Name: IDE Value: AHWqTUla_lU1NFsqy9qPH4ld52SEnDowgh3wMpBlCkdP_bkrsryTNgYBfZqhPqRCy5Q
52.64.66.132/	1970-01-20 10:22:25	Name: __atuvc Value: 1%7C7
52.64.66.132/	1970-01-20 00:56:31	Name: __atuvs Value: 620c8ef187e40a1d000
.addthis.com/	1970-01-20 10:22:25	Name: uvc Value: 1%7C7
.twitter.com/	1970-01-20 18:27:42	Name: personalization_id Value: "v1_GD+80/j1+b96qoyz3Mn+ow=="
.addthis.com/	1970-01-20 10:22:25	Name: loc Value: MDAwMDBFVURFQlkyMjkzMTkwMTAwNTAwMDBDSA==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: http://52.64.66.132/(Line 264) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD47HF Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7f0304456aec3375c9542cec065ef76f.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.twitter.com
apis.google.com
cdn.onesignal.com
connect.facebook.net
distillery.wistia.com
embedwistia-a.akamaihd.net
fast.wistia.net
fg8vvsvnieiv3ej16jby.litix.io
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
m.addthis.com
onesignal.com
pagead2.googlesyndication.com
pipedream.wistia.com
platform.twitter.com
plugin.mediavoice.com
polarcdn-engine.com
pubads.g.doubleclick.net
s3.amazonaws.com
s7.addthis.com
secure.intermedia.com.au
securepubads.g.doubleclick.net
spatialsource.com.au
static.ads-twitter.com
static.xx.fbcdn.net
stats.g.doubleclick.net
syndication.twitter.com
t.co
tpc.googlesyndication.com
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
s7.addthis.com
secure.intermedia.com.au
104.244.42.133
104.244.42.195
104.244.42.200
104.75.88.126
142.250.184.226
184.30.25.161
199.232.136.157
2.16.106.58
2606:2800:234:59:254c:406:2366:268c
2606:4700::6811:46b0
2606:4700::6811:d3cc
2606:4700::6812:15bf
2606:4700::6812:963
2606:4700::6812:e234
2606:4700::6813:d983
2a00:1450:4001:800::200a
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:400c:c0c::9d
2a00:1450:400e:802::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::622
2a06:98c1:3121::f
3.217.16.251
34.224.182.144
52.217.18.118
52.64.66.132
52.86.94.156
022dc8a93ad638ee164d0cd6a2457dee7d1253e8e7359e0dff83cb1afc310ab6
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
052fe48add4e67ecd7d654fae1461c62d4013d0c5675b2489b4f49f524987175
09e4811e5651b57616d379f099d2b11d1947ca1adda5a5d962d6e1dd2878fc29
0d0032e9daffaeccf9f8f91bc5b50e68a157a0ce26131d66569753efbe25af87
0d58874df689aa5f7fa093241def6a379ea8e40104f612f435f12d02447c5ed2
0fc29f186f4d182e930c9fafd0efcf208fe861eb87e42c0d9318981cddbb5028
106d90fc7fd9bee8a71251d6a93f013a40bdcaeffa8d94d4e0c8533eb56f918d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11bae33b1f22cde46c9a82cd85e72a12d186cae487d8a6ddcccf6b8b016fde43
15d090d3fe70263d81d9c491979be73b77bca882155b356f41b0046cbef0cba7
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
17f6971abbe1ba91fe81ce706435a53b3690d20c3309457c72c59dbb823490d0
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479
1f8e22239135a453a36a74b154a42d357ba2bca8f77c0ae80f94998e6fca800d
2205a2bfd1c02581de2e764c8b5a918767fec2624e4956b62934c60f43561400
22c3b417cf540ecd539525d7ae51280c5beaa71b4038476df2a1178780f5df8e
24eba652967915088a60ca2e5d1827abe08c344883a55e580834470411a4e65a
25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6
2782292c875f9ccb3854bfa56eb6379bd1edac9671653943e452220222ed6cf4
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2b1c4a5da6df3b23ee22a7663363a99c67a1e0ba159dde84ecdfa0e8f5694244
2db4b8d3ec3c7d9a29b758d8e6f15bbe9891638ca9487eae419b1a3287eac34d
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e6d5afa169b0a231727459894147fd6f2ee7c38b0b4b157cbaed9c542157fc1
2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7
33ad5ffb15103ef1684794ae8ee322bc15cf2f7a9f837de79c90b461161ef558
34b11c1a6f40ca8a5f6acaedfc51f073bfaf3728069cc926db46f379cf236cf2
34ddb17fa5ce3277bc2c28f8baf901a219c50a7808feee12fe23f2a2a69961e4
3574c8bf6374df694afda9466316c67095687656f5676b499f0b31e8ec06649f
36ac65354f43479b9ecd2d7a7bdd749962c083d5a5b3366fedd832cd31476762
37cfa90714ce98e57e97423a2dc1d1fc21e0e00e89e4dae447e37973bf6fb004
3a3125e33b9bd595230b069b7b368a1b7a0f56d649d85452e079cf9cdb79d90d
3aab2448c049b68988ce2e71227e53a739021bc8e09ef5d8f5b53ed40ecb422b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
467386d4fe8af838e24c2c5bceb0fdd98b5d698bcc5b3d508b6b6c9ab6757c67
4c9f2b5eca36ae758acab82c51a6e158cac88a6a6b23243092086c268dcf1077
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
55bc46c3a7635e5915349bd3d60c5438ad75d9c0c5de400d3d69c5c06054ced7
56390f0d43e4e647f5e912867ffce3db8f51c4c49b07fa3b14ed5bd9c0df4eb7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57105f0d09b065648031b4127971f8e91e9d8c40e8a25362c36adcc2ca6000d3
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459
5aa600aea047cb99c7e2c22e7edaf89f0539a6772a21981636e21da89bed440a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5ff4962ee39729b67a1188a13413ba592690639b77d399bf29ed1382cddbdbc5
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
621caa7c6bb06829af5411b5edcba69d4072c7604f220c28003bc339461878d9
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6a11ed67c58014e454f15946451a64aa309798e5744ccb02c01b1ea23c957e42
6b52450a51eb0ff7ca3a47d71c81fe11ae9bb2defd351861dc135fcc68d48736
6b53a165f02941e6d0f0f753dd4d9fb9f0e9117007e2dc6c313871209244f909
6d04ac669715cb372b2713f29164a79884cd89f884cf70a309fcf43270aeb1c0
6e8340e550796c39ef28a317ec8095399bbf5b24f418f01861af924598d0a3eb
705df238a5ec0beb0caf8c639555a4d32d9de27d2cd3be715f639c625f23f7d6
70a73d0e82d5aa2418bbe189542f7b563c284fa57dafecd35c2bd5e7548ce242
713c712e418fbf59710b19e918c86dfa324e2f44366f093f28aadd9174a70cb5
7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
7536f0df059eb4232aeb10fa05bd89b6da621240062499542da570d39fb833ba
79ed7ce5aa05b86669819fef0a8aef590009730b5638680c71148402ddf343d4
7b151c4e5fcb8f0c9d627ae90eee08ccb54786c8b80a9624ce4a58d385f4a4ae
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7e0eeb766cafb16415d9a67beffc717f4e7045982d40f47cdcfa706b92dc27f9
81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46
833599771226019fe97b2000ba61fbca1fa9fcaa84ca7f00273cc3afb6052d56
838087eb2cafe5b3c914a0358f82342e58ad8abb2349075daee0dfcaa7cfa428
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86aa8e1aaec7976d8759442de164a37fc71c93e32d8b98617a84a8a0d56229ed
88f3468f28f8e083401ffd9987fa9ab1b895f5833a68fcb947766e614f0846bc
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8e4307d0960319653bc94a19814fabe8847ffc8e53495bfd57d7ea7b79545c01
905990fa43618a70311984ab81c75e95018f442b04c64322e7638c84e8132db2
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
92b201fc6b011771c26fa0aa3640fea583ef91950ebe3e037f409d0d30d6f2e0
930673d4eca4c328b17f1fc024fd88d9d903d2f0dce30e51fdfa1caf038911ce
94e1b51c33a46b84d7192a0dda8690d012be7035d597a34b5895c2dbd2c9301a
98674dbf8c788342366178b2dd32c54b29ace00305e087c1a3c8454d3294ce4b
9bc1bd6d547a9e18f479347294d739b0280d672c54bf580cde0ff02cb1e491df
9d6b6fea30b0f68f0f39d25725a1efa8bd79be21b8c36c6f4e3bf9aae58045f4
9e39d6c08b0010cc885e322d8fafbcf368e84571122c984814f994071ffda863
9eece2a2b1198f6a3eee980b1599f892271511cbc48115bc551bd3a0a76af1ac
a02469f98260ae27494bb54f1519db7cdad053185c7cc9470af9245cff33c7e1
a02efbfef7340d1cd808b598166a53e8d82c492c81ef030ad0766efa5a7424c6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3fb051ba1bd33dc66c438882d1b1588013f03d0e84730c17f4e10b3b7e8dd08
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58531f5fd4a744d7702a4a1c5dd59979d4cb0aebd8317640b043c20f8b6223a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
ac108f232842ce42ad096c3dd90819156e79dfffe99ecdc4c7a80f89ba30a1c0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4ec89099e4cb0b44951c2cee2822fa3b38cab19001be8caf9c7798cc0e4969
af82ae972fd005cfb3fc6b58f8c7b58bdcb10fba9d6d4eedb54a72b4318ec798
b1167acda910481187c3e4493572f5fb91ca19452d57b8e14b43d4829783e430
b233b4c1ff410000145fd9da3e01b87a3568a2359a98c80060cdfff16e0e69cc
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b88a45e2d23f12c55db5a99d4136c73a38360efd608e7516838c8b1719c5ec49
b91e5e282c5300f0d438e04b1c62a63eb407db0c8ea990a4aea1272f186e31ed
bb05aaab91b517a69cfa371a77ee31eceb0bd9ee7b28e4cdcddc3bc9e708f06b
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd9e1f6390136b9c83e656c6434f5007b910f584a7df35527fcdb1e883991282
bdfcdc59347ec3b9e38269a6a5938230d37da622d469c82142d23b6c0e422f17
c0b04ef697d6cff323e1711e53ace560b8da3f545489e5a6512a194ecf11de39
c194a832e2c7d7e86907bcf3811b42113bece688ad89f3bbe6c159c5265d6e21
c5602b2e83fb2fd5abdeca2e5d21986046ab1b399eb6a2195708ef329f7a5e7b
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7cc03580e0d3d806749e938dcdaa62202b065f40496633cd4ec936de71dadc4
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
c9a184277f6b02cf51e29f17410da5a66b8f2f83ea5d104b531a44dda22fc0b4
cad0546d431d9aaa66508eb31bc7c9b3e0fa5772dca9d182067022ab327b8b76
cca5139c7cc0b9fa74a9989a62701e0bdf7c5cc6167abde3df2bddc1091282d4
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d5580d5aba5654980a02e5e5f82841206136f73441be36bfb01fc1a0329800f9
d5609949d7d97a04798d2e6d45cf6646ea0ff326c8bf3c76ede6b8f9ad27c780
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
d8e845c4e0ddaf71ae4255f8ba7e005e7d21177daec307afffcc48b688c793c9
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df981a01695742a1661653eedb6ee05ef84c79ada6eb8a4bedbbc6a981e25005
dfbdff6c9f2de2d75edb5ae49d26a9c0af81801b17de08739e32b738ef23058e
e0d03795322f25d9d95d750676205ce90d8fdfcb245ab762b9130ba61e981545
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e336f31b4659ca7befc4bd7611580774aed88e4617f32386e551320e7a29309f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4adc260fa5bff268e2359ba73814e154d7e3cd828dd946b8076d6b5129218a3
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e9fcba14ea80a15948ec75eab4b77a7f279cd9f17975102980d27706ea0ccb86
eab609633d113323aea890fbc91dd9723b98518d6dc98b9f63a11ea3c60372b4
eb250cfc5e616deb0c18dd4e306c0566210a471264cf5afa9cf1f2b13456e37c
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f8cda5b0dd817aef8d6ef171e9e57243534db4181a4a133b23141b881c1eeb29
f8e7798ef36d36df1886eb4900f3644d3eabd5ef406d7b6fa9b91c8da4844ec1
f9aed62523e942ff01300e2331f6b0ce030698f5a13ed3c453d89c59b2d31f9a
fddcc8a5376dc1f36143b29e3a5197aea500ab25a147db30d1f3a84b89771210
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf
fec1ad71c0a4db49db22b8efa3a6e1285a7513a28f1978f1358962e151717ee8
fec6316e6e45e87432cfa9e4ba33f024e8f33d3de07586aa3d1853d9873824fe

52.64.66.132 Open in urlscan Pro 52.64.66.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

191 Requests

47 %HTTPS

67 %IPv6

31 Domains

45 Subdomains

40 IPs

5 Countries

4659 kBTransfer

10625 kBSize

11 Cookies

12 Outgoing links

Redirected requests

191 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

52.64.66.132 Open in urlscan Pro
52.64.66.132 Public Scan

Screenshot
Live screenshot

Full Image

191
Requests

47 %
HTTPS

67 %
IPv6

31
Domains

45
Subdomains

40
IPs

5
Countries

4659 kB
Transfer

10625 kB
Size

11
Cookies

191 HTTP transactions
5 data transactions