urlscan.io logo urlscan.io
SecurityTrails logo

e.informer.com Open in urlscan Pro
54.173.41.122  Public Scan

Go To Rescan Add Verdict Report
URL: http://e.informer.com/s/joshmadison.com/convert-for-windows/
Submission: On September 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 66 HTTP transactions. The main IP is 54.173.41.122, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is e.informer.com.
This is the only time e.informer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    54.173.41.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-41-122.compute-1.amazonaws.com
e.informer.com
sur.ly
8    2606:4700:20::ac43:4aeb (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.sur.ly
img.sur.ly
24    2600:3c00::f03c:93ff:fece:4996 (United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
joshmadison.com
i.sixfoot6.org
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
8    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    216.58.206.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
20 sixfoot6.org
i.sixfoot6.org
401 KB
15 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
250 KB
11 sur.ly
cdn.sur.ly — Cisco Umbrella Rank: 286077
img.sur.ly — Cisco Umbrella Rank: 549755
sur.ly — Cisco Umbrella Rank: 234348
77 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
43 KB
4 joshmadison.com
joshmadison.com
26 KB
3 informer.com
e.informer.com
5 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 178
2 google.com
www.google.com — Cisco Umbrella Rank: 11
1 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
49 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
www.google-analytics.com — Cisco Umbrella Rank: 96
21 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
57 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
89 KB
66 13
Domain Requested by
20 i.sixfoot6.org joshmadison.com
i.sixfoot6.org
8 pagead2.googlesyndication.com joshmadison.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 cdn.sur.ly e.informer.com
cdn.sur.ly
5 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 joshmadison.com 1 redirects e.informer.com
joshmadison.com
3 sur.ly e.informer.com
3 e.informer.com 1 redirects cdn.sur.ly
2 www.googleadservices.com
2 www.google.com 1 redirects tpc.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 www.google-analytics.com joshmadison.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com e.informer.com
1 img.sur.ly e.informer.com
66 18

This site contains links to these domains. Also see Links.

Domain
informer.com
software.informer.com
answers.informer.com
articles.informer.com
sur.ly
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-11 -
2024-05-10		 a year crt.sh
joshmadison.com
R3		 2023-09-04 -
2023-12-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
sur.ly
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
i.sixfoot6.org
R3		 2023-08-08 -
2023-11-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh

This page contains 8 frames:

Primary Page: http://e.informer.com/s/joshmadison.com/convert-for-windows/
Frame ID: 2A8502529AC83386F1F62103356F30D2
Requests: 16 HTTP requests in this frame

Frame: https://joshmadison.com/convert-for-windows/
Frame ID: 73B5A4CC117A2117A1735594D2EF17D8
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html
Frame ID: 3C2BD2FDC3327F42E0AFC61609E00ECD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6445727542248381&output=html&h=600&slotname=7220143509&adk=1715447849&adf=671647946&pi=t.ma~as.7220143509&w=270&fwrn=16&fwrnh=100&lmt=1695167621&rafmt=1&format=270x600&url=https%3A%2F%2Fjoshmadison.com%2Fconvert-for-windows%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1695389119244&bpp=12&bdt=853&idt=237&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&correlator=3613146569590&frm=22&ife=1&pv=2&ga_vid=371891935.1695389119&ga_sid=1695389119&ga_hid=458026294&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1155&ifk=2440302671&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C44795921&oid=2&pvsid=737270983146865&tmod=571820235&uas=0&nvt=1&top=http%3A%2F%2Fe.informer.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1155&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.d1z4fnt5jqpk&fsb=1&xpc=fuiUIA7y55&p=https%3A//joshmadison.com&dtd=250
Frame ID: AE50E67E4FCD75AA49F3AA280BD419A8
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A510F87235DCF22CDAE8520D76047F52
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js
Frame ID: CEB5ECDC945111511BA68B9D578948FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DD7AC7862C044C322789D807D56B968F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8847B1E84E97A3275568E161B76CBD7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Convert for Windows – joshmadison.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

94 %
HTTPS

87 %
IPv6

13
Domains

18
Subdomains

16
IPs

2
Countries

1021 kB
Transfer

2238 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://e.informer.com/external?url=joshmadison.com%2Fconvert-for-windows&forceHttps=1&panel_lang=en HTTP 302
  • https://joshmadison.com/convert-for-windows HTTP 301
  • https://joshmadison.com/convert-for-windows/
Request Chain 52
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 55
  • https://googleads.g.doubleclick.net/pagead/adview?ai=COQmev5UNZY2AJM-5_tMPmeyHkAmnk4TZcuDNsvDJEf-D7aC6ORABIPW_iwNglfrwgYwHoAGOyLDQA8gBAakCxf3AjbzdsT6oAwHIA8sEqgTbAU_Q5mCvN6ex97utUAV_X3dtCqb3Kx43vHl5fH5AkHAc8virzc4Q7wSDmppRyxEaDUt1MD2A3Sb_ffsGDe5MK0E4TSp32qRf4tUCyRZcygKydSgwxjz11B-Nj4XMKsH34kSA7NvIGJuvMTva1D9wrZnsl5d4Z2M72ssL9k24fHjJpy2r9rUAoesPJMaYhcFCzRu7DAI2cLe-4LsXchgP_n8qJ_-uf1zy7Bm9uACz-1COYYSCpIpJ6HUZB_UbAwBNw7WNEbrW7rUotWd7XYQt2VRTXFoWsGDacZSIF8AEm8iXrK8EiAXkxJv5SZIFBAgEGAGSBQQIBRgEgAfg3pQzqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQ_72NAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCYICaHR0cHM6Ly93d3cuYXZpcmEuY29tL2RlL2NhbXBhaWducy9hY3EvZnJlZS9mcmVlLXNlY3VyaXR5LW9mZmVyLWZvci1kaXNwbGF5P3gtYy1jaGFubmVsPWdkbiZ4LWEtc291cmNlPWdvb2dsZSZ1dG1fc291cmNlPWdvb2dsZSZ4LWEtbWVkaXVtPWNwYyZ1dG1fbWVkaXVtPWNwYyZ4LWEtbmV0d29yaz1zZWFyY2gmdXRtX2NhbXBhaWduPWRlLWRlX2F2cl9mc3NfZGlzX3Byb19uYXVfZnJlX2Fkd19kdHBfbG93Om9wdF9pbnN0YWxscyZnY2xzcmM9YXcuZHMmgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTY0NDU3Mjc1NDIyNDgzODEYAA&sigh=TKZQ-RiBe7Q&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwBpAlJWR3183nefMGxIXKQcSK_jgmtFVeSsMhgB&template_id=5020&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217895729112505717343%22,%22debug_reporting%22:true,%22destination%22:%22https://avira.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22973874190%22],%224%22:[%2209-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214562442358740125345%22}&andc=true

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
e.informer.com/s/joshmadison.com/convert-for-windows/ 		17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://e.informer.com/s/joshmadison.com/convert-for-windows/
Protocol
HTTP/1.1
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
8b15ef4e03c0be7660f2027e5b30c0c8935378fb71f1bf015ec4656553f628f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 22 Sep 2023 13:25:17 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Vary
Accept-Encoding User-Agent
jquery.min.js
cdn.sur.ly/js/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sur.ly/js/jquery.min.js
Requested by
Host: e.informer.com
URL: http://e.informer.com/s/joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://e.informer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
528393
etag
W/"62a6bbba-16cfb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUhXfYeua%2FHJHVXtGhtaiLh1CF0pPIPOTgVrM201JJNmulpInHDoWgDmBpP2gS%2BjP9xUt50TLoUzdLLrzkO%2B57PT8SGNXjChZhH8WIXX3lufAa7aI5yjUXt0%2BTR2viVgZUTqzF36EQM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
80aadf811c8d9b58-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 30 Sep 2023 16:32:53 GMT
device.js
cdn.sur.ly/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sur.ly/js/device.js
Requested by
Host: e.informer.com
URL: http://e.informer.com/s/joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99bfdf3fec5f85f15ff7eab703567df493fd816c9f5def19324ad81e3c3da40d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://e.informer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
525668
cf-polished
origSize=2605
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
W/"62a6bbba-a2d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTpa5Dh7%2FqMSYkKjRXO2g%2BVZCiOqEY8aeLtxA56rsJpZ4pnhA25LIIKpvgrpo6Gy7yV7TB8ajMix82X8Eednfk4v9RF2h5J1Vp7GX1uxiGXi8DgtpKggWdo86Q7y5tBTn9IKz2wu%2F3E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
80aadf811c8e9b58-FRA
expires
Sat, 14 Oct 2023 11:33:41 GMT
panel.js
cdn.sur.ly/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sur.ly/js/panel.js
Requested by
Host: e.informer.com
URL: http://e.informer.com/s/joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baba3988b5be911a40b685194ebb47eacfdd29ff65c6ca357974c57c5e10c8fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://e.informer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
452304
cf-polished
origSize=3675
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
W/"62a6bbba-e5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WlyaSdJnIErr8XT0mT%2FsLDz0C4XEMuKvcBS3xPZ2LIZkXRYxk4Pf6r%2BIIxLvERX6cYMlkCalZA%2F2zqs8DT5LASPyq6tIGPsccnpT5SYxpLXFfFbTXTc7i63VWi79X6rzw8Cr6%2FVX6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
80aadf811c8f9b58-FRA
expires
Wed, 27 Sep 2023 15:16:33 GMT
panel.css
cdn.sur.ly/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sur.ly/css/panel.css
Requested by
Host: e.informer.com
URL: http://e.informer.com/s/joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
965927282408a0c1384214531aeb2070e3ee108f43b370bdba2680e75ad5f533

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://e.informer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74125
cf-polished
origSize=16422
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
W/"62a6bbba-4026"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4g4ZmJeRoSWjnpqhVxJ%2BGMrPB24GOcd5vHaaDhU5CSmj5fzvpgDsEz9H6sqknY760ituHehtwxtn27y0frdDMqG1gkqzTV%2FpMuu%2FRqDa4MVBWxYdGqbyAp4YlICjGx9ae6nePeSImtU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
80aadf810c8c9b58-FRA
expires
Mon, 16 Oct 2023 19:10:05 GMT
desktop.js
cdn.sur.ly/desktop/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sur.ly/desktop/js/desktop.js
Requested by
Host: e.informer.com
URL: http://e.informer.com/s/joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
687aa3f2e902b02283d9a08521b7d77314cd2c7a1c921006974c8e40382bae08

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://e.informer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
525414
cf-polished
origSize=9803
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
W/"62a6bbba-264b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9e7ZaWLJ4ASZTSVqXHErQLjTfHiGN7XAGTs3hO4e2LYWBB6RSV%2BknNS3utTr7yCeuOitHVVvfj7tV9F0JQL4x8YxQU3Vy0Bvxg0UXguEGy1Hb7TUw7zFxnACTaiXwY5n4DA4UiqvAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
80aadf811c909b58-FRA
expires
Tue, 19 Sep 2023 13:21:15 GMT
informer.com.ico
img.sur.ly/favicons/i/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sur.ly/favicons/i/informer.com.ico
Requested by
Host: e.informer.com
URL: http://e.informer.com/s/joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76bf9ba07053ae43b98354707919edfb22ea913449d190785a5446d8d8d94caa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://e.informer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:17 GMT
x-amz-version-id
3lv0.8gRqMrk2NgFddWzPnVZfqKn8kpq
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
RXQP7WXDHVWDNW8T
age
347347
alt-svc
h3=":443"; ma=86400
content-length
32038
x-amz-id-2
m0lp1SJxblh5APw33hTndg73jj2lbEIkZ1T2r6yXt5oVw+aLduS9aKV0469xiAGJ9DpeTwv0+sk=
last-modified
Wed, 17 Feb 2021 20:53:13 GMT
server
cloudflare
etag
"e8d009e34aa14fd014772018c4f7e402"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2B2vpvT9LGIVS1o%2BQZw%2BSjRVqbgqfHY7GEo4fVkiYzP9F0uI1Nwz3H6Ls8rjAvpp2tB0v6vYYmEdHZztFSBNBWpsdkOm6CIDIxOCJa8Lp%2FTKgeYnn5gNmJgy0gqysap8dG7BiRX9%2Bdo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
80aadf815d1b9b58-FRA
expires
Thu, 28 Sep 2023 06:18:20 GMT
favicon-196x196.png
joshmadison.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://joshmadison.com/favicon-196x196.png
Requested by
Host: e.informer.com
URL: http://e.informer.com/s/joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
5eef666189038c85264e318c992d0f91be4436015cee6e1dce4cf0a2f8a7579b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://e.informer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:18 GMT
content-encoding
gzip
last-modified
Sun, 10 Sep 2023 00:02:46 GMT
server
nginx
etag
W/"64fd07a6-429b"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
expires
Fri, 29 Sep 2023 13:25:18 GMT
js
www.googletagmanager.com/gtag/ 		265 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L04HQHN9RZ
Requested by
Host: e.informer.com
URL: http://e.informer.com/s/joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a39e2c2a9781ffaed2a3146f2022c8c3d62584d9747d6308e7c20765771af1d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://e.informer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91155
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Sep 2023 13:25:17 GMT
stat.php
sur.ly/ 		43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sur.ly/stat.php?id=5212&r=29260
Requested by
Host: e.informer.com
URL: http://e.informer.com/s/joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://e.informer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:18 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
content-length
43
content-type
image/gif
/
joshmadison.com/convert-for-windows/ Frame 73B5
Redirect Chain
  • http://e.informer.com/external?url=joshmadison.com%2Fconvert-for-windows&forceHttps=1&panel_lang=en
  • https://joshmadison.com/convert-for-windows
  • https://joshmadison.com/convert-for-windows/
16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://joshmadison.com/convert-for-windows/
Requested by
Host: e.informer.com
URL: http://e.informer.com/s/joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
332e7698c6b25c878201985ff386baa6ea14e83ff6d90ec9c7e7e061ae0a1c01

Request headers

Referer
http://e.informer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 22 Sep 2023 13:25:18 GMT
etag
W/"650a50a5-3fb1"
expires
Sat, 23 Sep 2023 13:25:18 GMT
last-modified
Wed, 20 Sep 2023 01:53:41 GMT
pragma
public
server
nginx
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=86400 public
content-length
162
content-type
text/html
date
Fri, 22 Sep 2023 13:25:18 GMT
expires
Sat, 23 Sep 2023 13:25:18 GMT
location
https://joshmadison.com/convert-for-windows/
pragma
public
server
nginx
stat.php
sur.ly/ 		43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sur.ly/stat.php?id=4165&r=64738
Requested by
Host: e.informer.com
URL: http://e.informer.com/s/joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://e.informer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:18 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
content-length
43
content-type
image/gif
stat.php
sur.ly/ 		43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sur.ly/stat.php?id=5893&r=98535
Requested by
Host: e.informer.com
URL: http://e.informer.com/s/joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://e.informer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:18 GMT
referrer-policy
origin-when-cross-origin
server
nginx/1.14.2
content-length
43
content-type
image/gif
surly.ttf
cdn.sur.ly/font/ 		2 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.sur.ly/font/surly.ttf
Requested by
Host: cdn.sur.ly
URL: https://cdn.sur.ly/css/panel.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
893f9fbf43e5c59e7f3fde7dc3e3596bca16a8e1e02e0972d456fba3a67cb20a

Request headers

Referer
https://cdn.sur.ly/css/panel.css
Origin
http://e.informer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2524854
alt-svc
h3=":443"; ma=86400
content-length
2440
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
"62a6bbba-988"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3BxtozN%2Bnv65socNtqwVxqGz53SzXaTvaMguodb1DObleEentbHdFiArj9ccEpAmzOgPvBVkywwoGan812gB0rj3RQXaMGPV%2Biu07rLN7F3dmNrRrQ7tUngCVCBVe77m5c7IKushiw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
80aadf816c6d366b-FRA
expires
Sun, 03 Sep 2023 15:40:21 GMT
info
e.informer.com/panel/ 		21 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://e.informer.com/panel/info
Requested by
Host: cdn.sur.ly
URL: https://cdn.sur.ly/js/jquery.min.js
Protocol
HTTP/1.1
Server
54.173.41.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-41-122.compute-1.amazonaws.com
Software
nginx/1.14.2 /
Resource Hash
f698d6011b6fbb1720c7466abe5530957b645b67d1a4c7e7e04d85d0e5bae471

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://e.informer.com/s/joshmadison.com/convert-for-windows/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 22 Sep 2023 13:25:17 GMT
Content-Encoding
gzip
Server
nginx/1.14.2
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
b-progress.png
cdn.sur.ly/img/ 		96 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sur.ly/img/b-progress.png
Requested by
Host: cdn.sur.ly
URL: https://cdn.sur.ly/css/panel.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df45d2380d3576524448872de57a016dc9af5f31fd3d844328660730fad1b50a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.sur.ly/css/panel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
523661
cf-polished
origFmt=png, origSize=206
content-disposition
inline; filename="b-progress.webp"
alt-svc
h3=":443"; ma=86400
content-length
96
cf-bgj
imgq:100,h2pri
last-modified
Mon, 13 Jun 2022 04:23:22 GMT
server
cloudflare
etag
"62a6bbba-ce"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nULUf96A8rG1aNA9edS2BZxOgvNUZsePeQc5YSprcZajAiMXfpAjMNkascLHQnlgvCeBqr7Mblsw2pw359UUIr8QMx%2BonSzZbZjxJWmXWH8g%2BXTV2WIshzcNFO5zQHIagSsfvOMOtq0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
80aadf816d329b58-FRA
expires
Sat, 14 Oct 2023 17:33:07 GMT
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L04HQHN9RZ&gtm=45je39k0&_p=1565166748&cid=1902259522.1695389118&ul=en-us&sr=1600x1200&_s=1&sid=1695389117&sct=1&seg=0&dl=http%3A%2F%2Fe.informer.com%2Fs%2Fjoshmadison.com%2Fconvert-for-windows%2F&dt=Convert%20for%20Windows%20%E2%80%93%20joshmadison.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L04HQHN9RZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://e.informer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 13:25:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://e.informer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.min.css
i.sixfoot6.org/scripts/bootstrap-jfm-1.0.4/css/ Frame 73B5 		95 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/scripts/bootstrap-jfm-1.0.4/css/bootstrap.min.css
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
6fc6c943ba308ba6367007854292c56c61fb41a1431e014c97caa5c1232933f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
content-encoding
gzip
last-modified
Sat, 09 Sep 2023 18:57:46 GMT
server
nginx
etag
W/"64fcc02a-17db9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
https://joshmadison.com
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
expires
Fri, 29 Sep 2023 13:25:19 GMT
font-awesome.min.css
i.sixfoot6.org/fonts/font-awesome-4.5.0/css/ Frame 73B5 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/fonts/font-awesome-4.5.0/css/font-awesome.min.css
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
fb638365f12788a6bb609546b687b4742fab07ca836ec02301c5cedb3acc70cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
content-encoding
gzip
last-modified
Sat, 09 Sep 2023 18:57:36 GMT
server
nginx
etag
W/"64fcc020-6b19"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
https://joshmadison.com
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
expires
Fri, 29 Sep 2023 13:25:19 GMT
jquery.fancybox.min.css
i.sixfoot6.org/scripts/fancybox/dist/ Frame 73B5 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/scripts/fancybox/dist/jquery.fancybox.min.css
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
content-encoding
gzip
last-modified
Sat, 09 Sep 2023 18:57:46 GMT
server
nginx
etag
W/"64fcc02a-31fb"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
https://joshmadison.com
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
expires
Fri, 29 Sep 2023 13:25:19 GMT
ivar.css
i.sixfoot6.org/fonts/ivar/ Frame 73B5 		849 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/fonts/ivar/ivar.css
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
a2e47fc2c7f9810fb9d297e60b9a59211b227eb76225532d8e51755f5bbae4cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
last-modified
Sat, 09 Sep 2023 18:57:31 GMT
server
nginx
etag
"64fcc01b-351"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
https://joshmadison.com
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
849
expires
Fri, 29 Sep 2023 13:25:19 GMT
sohne.css
i.sixfoot6.org/fonts/sohne/ Frame 73B5 		615 B
947 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/fonts/sohne/sohne.css
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
eff5305094b1be191802d270729c74c551368ea223044838b1094c0455ba1b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
last-modified
Sat, 09 Sep 2023 18:57:32 GMT
server
nginx
etag
"64fcc01c-267"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
https://joshmadison.com
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
615
expires
Fri, 29 Sep 2023 13:25:19 GMT
sohne-mono.css
i.sixfoot6.org/fonts/sohne-mono/ Frame 73B5 		460 B
792 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/fonts/sohne-mono/sohne-mono.css
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
093636fe01bcc60c38222d1458565418c2ab27527f6aef299b3ed7fd82d90e57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
last-modified
Sat, 09 Sep 2023 18:57:32 GMT
server
nginx
etag
"64fcc01c-1cc"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
https://joshmadison.com
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
460
expires
Fri, 29 Sep 2023 13:25:19 GMT
main.css
joshmadison.com/css/ Frame 73B5 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://joshmadison.com/css/main.css
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
f051bd50785a66beb2915ff0878af5bc85bb05f23f6c057b1fa497f21920cc3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/convert-for-windows/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:18 GMT
content-encoding
gzip
last-modified
Wed, 20 Sep 2023 01:53:35 GMT
server
nginx
etag
W/"650a509f-3d7a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
expires
Fri, 29 Sep 2023 13:25:18 GMT
convertani.gif
i.sixfoot6.org/images/convert-for-windows/ Frame 73B5 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.sixfoot6.org/images/convert-for-windows/convertani.gif
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
0b58ebb41d5fef7791c51043db9af867a0f555b51510398812048a603872b825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
content-encoding
gzip
last-modified
Sat, 09 Sep 2023 18:57:46 GMT
server
nginx
etag
W/"64fcc02a-3376"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
expires
Sat, 21 Sep 2024 13:25:19 GMT
being_used_map.jpg
i.sixfoot6.org/images/convert-for-windows/ Frame 73B5 		72 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.sixfoot6.org/images/convert-for-windows/being_used_map.jpg
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
f3dae1179c2aada90c313212cdf69cc1481641f00cacb52038ce67fad5f804ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
content-encoding
gzip
last-modified
Sat, 09 Sep 2023 18:57:46 GMT
server
nginx
etag
W/"64fcc02a-11eaf"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
expires
Sat, 21 Sep 2024 13:25:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 73B5 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f11709f11c3bc3150454b350baa12e6e2c7b15e3b1cdb8491ba1291cd2b78938
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50632
x-xss-protection
0
server
cafe
etag
16178070837209337777
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 13:25:18 GMT
josh-sig-trans.png
i.sixfoot6.org/images/misc/ Frame 73B5 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.sixfoot6.org/images/misc/josh-sig-trans.png
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
ddebba93378615178125ed70f1cd6448668c1dc400ac2c78ed766707b30621e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
content-encoding
gzip
last-modified
Sat, 09 Sep 2023 18:57:43 GMT
server
nginx
etag
W/"64fcc027-5ae"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
expires
Sat, 21 Sep 2024 13:25:19 GMT
jm-favicon-circular-lowercase-60.png
i.sixfoot6.org/images/favicons/ Frame 73B5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.sixfoot6.org/images/favicons/jm-favicon-circular-lowercase-60.png
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
c97524658d6556300d3a8cf537d4c468881d550133a0e3fd90edec7fbd5907dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
content-encoding
gzip
last-modified
Sat, 09 Sep 2023 18:57:37 GMT
server
nginx
etag
W/"64fcc021-7b5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
expires
Sat, 21 Sep 2024 13:25:19 GMT
jquery-2.2.4.min.js
i.sixfoot6.org/scripts/jquery/ Frame 73B5 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/scripts/jquery/jquery-2.2.4.min.js
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
content-encoding
gzip
last-modified
Sat, 09 Sep 2023 18:57:47 GMT
server
nginx
etag
W/"64fcc02b-14e4a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://joshmadison.com
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
expires
Fri, 29 Sep 2023 13:25:19 GMT
bootstrap.min.js
i.sixfoot6.org/scripts/bootstrap-3.4.1-dist/js/ Frame 73B5 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/scripts/bootstrap-3.4.1-dist/js/bootstrap.min.js
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
content-encoding
gzip
last-modified
Sat, 09 Sep 2023 18:57:47 GMT
server
nginx
etag
W/"64fcc02b-9b00"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://joshmadison.com
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
expires
Fri, 29 Sep 2023 13:25:19 GMT
jquery.fancybox.min.js
i.sixfoot6.org/scripts/fancybox/dist/ Frame 73B5 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/scripts/fancybox/dist/jquery.fancybox.min.js
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
content-encoding
gzip
last-modified
Sat, 09 Sep 2023 18:57:46 GMT
server
nginx
etag
W/"64fcc02a-10a9d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://joshmadison.com
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
expires
Fri, 29 Sep 2023 13:25:19 GMT
scrolltotop.js
i.sixfoot6.org/scripts/jquery/ Frame 73B5 		566 B
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/scripts/jquery/scrolltotop.js
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
074fc3fbcc3b267331e8cc9251c6949ca77f6d4854feb4c46eb861af878cdf6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
last-modified
Sat, 09 Sep 2023 18:57:47 GMT
server
nginx
etag
"64fcc02b-236"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://joshmadison.com
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
566
expires
Fri, 29 Sep 2023 13:25:19 GMT
confusement.js
i.sixfoot6.org/scripts/ Frame 73B5 		996 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/scripts/confusement.js
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
d5a1dd91a6dfdefeaea602853a26b65c998e53d94943607f73d67f2667485e39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
last-modified
Sat, 09 Sep 2023 18:57:47 GMT
server
nginx
etag
"64fcc02b-3e4"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://joshmadison.com
cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
996
expires
Fri, 29 Sep 2023 13:25:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/ Frame 3C2B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://joshmadison.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23172
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 06:59:06 GMT
etag
2603938475786422795
expires
Fri, 06 Oct 2023 06:59:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ Frame 73B5 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6445727542248381&plah=joshmadison.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17ddf5015b3b400aee1c405dc63391c68465a1345a8b7bb5c79219c378e2c853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131561
x-xss-protection
0
server
cafe
etag
12245369081288284452
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 13:25:19 GMT
soehne-web-buch.woff2
i.sixfoot6.org/fonts/sohne/ Frame 73B5 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/fonts/sohne/soehne-web-buch.woff2
Requested by
Host: i.sixfoot6.org
URL: https://i.sixfoot6.org/fonts/sohne/sohne.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
8f3710918c71393d74cb69401d04a05be7d1ce4b8870cf21405402a3798d0595

Request headers

Referer
https://i.sixfoot6.org/fonts/sohne/sohne.css
Origin
https://joshmadison.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
last-modified
Sat, 09 Sep 2023 18:57:32 GMT
server
nginx
etag
"64fcc01c-9c1b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
39963
expires
Sat, 21 Sep 2024 13:25:19 GMT
soehne-web-kraftig.woff2
i.sixfoot6.org/fonts/sohne/ Frame 73B5 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/fonts/sohne/soehne-web-kraftig.woff2
Requested by
Host: i.sixfoot6.org
URL: https://i.sixfoot6.org/fonts/sohne/sohne.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
0f20f023b25508c3b3a0c5607059cc1841cfebcaf981aa3f32407d8c25543f2b

Request headers

Referer
https://i.sixfoot6.org/fonts/sohne/sohne.css
Origin
https://joshmadison.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
last-modified
Sat, 09 Sep 2023 18:57:32 GMT
server
nginx
etag
"64fcc01c-96c0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
38592
expires
Sat, 21 Sep 2024 13:25:19 GMT
IvarText-Regular.woff2
i.sixfoot6.org/fonts/ivar/ Frame 73B5 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/fonts/ivar/IvarText-Regular.woff2
Requested by
Host: i.sixfoot6.org
URL: https://i.sixfoot6.org/fonts/ivar/ivar.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
af7094686d1a9a79b82e44e561e73baf887473b72866a38b5b21ec059b55e973

Request headers

Referer
https://i.sixfoot6.org/fonts/ivar/ivar.css
Origin
https://joshmadison.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
last-modified
Sat, 09 Sep 2023 18:57:31 GMT
server
nginx
etag
"64fcc01b-95ac"
access-control-allow-methods
GET, POST, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
38316
expires
Sat, 21 Sep 2024 13:25:19 GMT
IvarText-Bold.woff2
i.sixfoot6.org/fonts/ivar/ Frame 73B5 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/fonts/ivar/IvarText-Bold.woff2
Requested by
Host: i.sixfoot6.org
URL: https://i.sixfoot6.org/fonts/ivar/ivar.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
b23d5a41f9c5d119119d3d907176890693d7b5e903e5996588e7c91ec34f12e5

Request headers

Referer
https://i.sixfoot6.org/fonts/ivar/ivar.css
Origin
https://joshmadison.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
last-modified
Sat, 09 Sep 2023 18:57:31 GMT
server
nginx
etag
"64fcc01b-9e4c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
40524
expires
Sat, 21 Sep 2024 13:25:19 GMT
fontawesome-webfont.woff2
i.sixfoot6.org/fonts/font-awesome-4.5.0/fonts/ Frame 73B5 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i.sixfoot6.org/fonts/font-awesome-4.5.0/fonts/fontawesome-webfont.woff2
Requested by
Host: i.sixfoot6.org
URL: https://i.sixfoot6.org/fonts/font-awesome-4.5.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:93ff:fece:4996 , United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
https://i.sixfoot6.org/fonts/font-awesome-4.5.0/css/font-awesome.min.css
Origin
https://joshmadison.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Fri, 22 Sep 2023 13:25:19 GMT
last-modified
Sat, 09 Sep 2023 18:57:36 GMT
server
nginx
etag
"64fcc020-10440"
access-control-allow-methods
GET, POST, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
66624
expires
Sat, 21 Sep 2024 13:25:19 GMT
taglines.php
i.sixfoot6.org/ Frame 73B5 		0
0
analytics.js
www.google-analytics.com/ Frame 73B5 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: joshmadison.com
URL: https://joshmadison.com/convert-for-windows/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 11:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5736
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 22 Sep 2023 13:49:43 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame AE50 		112 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6445727542248381&output=html&h=600&slotname=7220143509&adk=1715447849&adf=671647946&pi=t.ma~as.7220143509&w=270&fwrn=16&fwrnh=100&lmt=1695167621&rafmt=1&format=270x600&url=https%3A%2F%2Fjoshmadison.com%2Fconvert-for-windows%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1695389119244&bpp=12&bdt=853&idt=237&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&correlator=3613146569590&frm=22&ife=1&pv=2&ga_vid=371891935.1695389119&ga_sid=1695389119&ga_hid=458026294&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1155&ifk=2440302671&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C44795921&oid=2&pvsid=737270983146865&tmod=571820235&uas=0&nvt=1&top=http%3A%2F%2Fe.informer.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1155&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.d1z4fnt5jqpk&fsb=1&xpc=fuiUIA7y55&p=https%3A//joshmadison.com&dtd=250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6445727542248381&plah=joshmadison.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f38ea112e1f5c4089f177ba9421d2e74c4b71ee12a3e19d0b33205351a429f74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://joshmadison.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
38558
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 13:25:20 GMT
expires
Fri, 22 Sep 2023 13:25:20 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame AE50 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6445727542248381&output=html&h=600&slotname=7220143509&adk=1715447849&adf=671647946&pi=t.ma~as.7220143509&w=270&fwrn=16&fwrnh=100&lmt=1695167621&rafmt=1&format=270x600&url=https%3A%2F%2Fjoshmadison.com%2Fconvert-for-windows%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1695389119244&bpp=12&bdt=853&idt=237&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&correlator=3613146569590&frm=22&ife=1&pv=2&ga_vid=371891935.1695389119&ga_sid=1695389119&ga_hid=458026294&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1155&ifk=2440302671&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C44795921&oid=2&pvsid=737270983146865&tmod=571820235&uas=0&nvt=1&top=http%3A%2F%2Fe.informer.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1155&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.d1z4fnt5jqpk&fsb=1&xpc=fuiUIA7y55&p=https%3A//joshmadison.com&dtd=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Sep 2023 13:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 12:32:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Sep 2023 13:25:20 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame AE50 		2 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6445727542248381&output=html&h=600&slotname=7220143509&adk=1715447849&adf=671647946&pi=t.ma~as.7220143509&w=270&fwrn=16&fwrnh=100&lmt=1695167621&rafmt=1&format=270x600&url=https%3A%2F%2Fjoshmadison.com%2Fconvert-for-windows%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1695389119244&bpp=12&bdt=853&idt=237&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&correlator=3613146569590&frm=22&ife=1&pv=2&ga_vid=371891935.1695389119&ga_sid=1695389119&ga_hid=458026294&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1155&ifk=2440302671&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C44795921&oid=2&pvsid=737270983146865&tmod=571820235&uas=0&nvt=1&top=http%3A%2F%2Fe.informer.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1155&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.d1z4fnt5jqpk&fsb=1&xpc=fuiUIA7y55&p=https%3A//joshmadison.com&dtd=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 08:40:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
17075
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 08:40:45 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame AE50 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6445727542248381&output=html&h=600&slotname=7220143509&adk=1715447849&adf=671647946&pi=t.ma~as.7220143509&w=270&fwrn=16&fwrnh=100&lmt=1695167621&rafmt=1&format=270x600&url=https%3A%2F%2Fjoshmadison.com%2Fconvert-for-windows%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1695389119244&bpp=12&bdt=853&idt=237&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&correlator=3613146569590&frm=22&ife=1&pv=2&ga_vid=371891935.1695389119&ga_sid=1695389119&ga_hid=458026294&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1155&ifk=2440302671&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C44795921&oid=2&pvsid=737270983146865&tmod=571820235&uas=0&nvt=1&top=http%3A%2F%2Fe.informer.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1155&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.d1z4fnt5jqpk&fsb=1&xpc=fuiUIA7y55&p=https%3A//joshmadison.com&dtd=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 08:40:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
17075
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 08:40:45 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A510 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6445727542248381&output=html&h=600&slotname=7220143509&adk=1715447849&adf=671647946&pi=t.ma~as.7220143509&w=270&fwrn=16&fwrnh=100&lmt=1695167621&rafmt=1&format=270x600&url=https%3A%2F%2Fjoshmadison.com%2Fconvert-for-windows%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1695389119244&bpp=12&bdt=853&idt=237&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&correlator=3613146569590&frm=22&ife=1&pv=2&ga_vid=371891935.1695389119&ga_sid=1695389119&ga_hid=458026294&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1155&ifk=2440302671&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C44795921&oid=2&pvsid=737270983146865&tmod=571820235&uas=0&nvt=1&top=http%3A%2F%2Fe.informer.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1155&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.d1z4fnt5jqpk&fsb=1&xpc=fuiUIA7y55&p=https%3A//joshmadison.com&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6445727542248381&output=html&h=600&slotname=7220143509&adk=1715447849&adf=671647946&pi=t.ma~as.7220143509&w=270&fwrn=16&fwrnh=100&lmt=1695167621&rafmt=1&format=270x600&url=https%3A%2F%2Fjoshmadison.com%2Fconvert-for-windows%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1695389119244&bpp=12&bdt=853&idt=237&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&correlator=3613146569590&frm=22&ife=1&pv=2&ga_vid=371891935.1695389119&ga_sid=1695389119&ga_hid=458026294&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1155&ifk=2440302671&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C44795921&oid=2&pvsid=737270983146865&tmod=571820235&uas=0&nvt=1&top=http%3A%2F%2Fe.informer.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1155&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.d1z4fnt5jqpk&fsb=1&xpc=fuiUIA7y55&p=https%3A//joshmadison.com&dtd=250
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1026
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 13:08:14 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame AE50 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6445727542248381&output=html&h=600&slotname=7220143509&adk=1715447849&adf=671647946&pi=t.ma~as.7220143509&w=270&fwrn=16&fwrnh=100&lmt=1695167621&rafmt=1&format=270x600&url=https%3A%2F%2Fjoshmadison.com%2Fconvert-for-windows%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1695389119244&bpp=12&bdt=853&idt=237&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&correlator=3613146569590&frm=22&ife=1&pv=2&ga_vid=371891935.1695389119&ga_sid=1695389119&ga_hid=458026294&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1155&ifk=2440302671&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C44795921&oid=2&pvsid=737270983146865&tmod=571820235&uas=0&nvt=1&top=http%3A%2F%2Fe.informer.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1155&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.d1z4fnt5jqpk&fsb=1&xpc=fuiUIA7y55&p=https%3A//joshmadison.com&dtd=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
11296
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 10:17:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame AE50 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6445727542248381&output=html&h=600&slotname=7220143509&adk=1715447849&adf=671647946&pi=t.ma~as.7220143509&w=270&fwrn=16&fwrnh=100&lmt=1695167621&rafmt=1&format=270x600&url=https%3A%2F%2Fjoshmadison.com%2Fconvert-for-windows%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1695389119244&bpp=12&bdt=853&idt=237&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&correlator=3613146569590&frm=22&ife=1&pv=2&ga_vid=371891935.1695389119&ga_sid=1695389119&ga_hid=458026294&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1155&ifk=2440302671&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C44795921&oid=2&pvsid=737270983146865&tmod=571820235&uas=0&nvt=1&top=http%3A%2F%2Fe.informer.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1155&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.d1z4fnt5jqpk&fsb=1&xpc=fuiUIA7y55&p=https%3A//joshmadison.com&dtd=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 08:40:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
17076
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 08:40:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AE50 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6445727542248381&output=html&h=600&slotname=7220143509&adk=1715447849&adf=671647946&pi=t.ma~as.7220143509&w=270&fwrn=16&fwrnh=100&lmt=1695167621&rafmt=1&format=270x600&url=https%3A%2F%2Fjoshmadison.com%2Fconvert-for-windows%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1695389119244&bpp=12&bdt=853&idt=237&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&correlator=3613146569590&frm=22&ife=1&pv=2&ga_vid=371891935.1695389119&ga_sid=1695389119&ga_hid=458026294&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1155&ifk=2440302671&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C44795921&oid=2&pvsid=737270983146865&tmod=571820235&uas=0&nvt=1&top=http%3A%2F%2Fe.informer.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1155&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.d1z4fnt5jqpk&fsb=1&xpc=fuiUIA7y55&p=https%3A//joshmadison.com&dtd=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 13:25:20 GMT
c233ef7b00e27d1a3d2fdfcca9f8c94a.js
www.gstatic.com/mysidia/ Frame AE50 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c233ef7b00e27d1a3d2fdfcca9f8c94a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6445727542248381&output=html&h=600&slotname=7220143509&adk=1715447849&adf=671647946&pi=t.ma~as.7220143509&w=270&fwrn=16&fwrnh=100&lmt=1695167621&rafmt=1&format=270x600&url=https%3A%2F%2Fjoshmadison.com%2Fconvert-for-windows%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1695389119244&bpp=12&bdt=853&idt=237&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&correlator=3613146569590&frm=22&ife=1&pv=2&ga_vid=371891935.1695389119&ga_sid=1695389119&ga_hid=458026294&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1155&ifk=2440302671&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C44795921&oid=2&pvsid=737270983146865&tmod=571820235&uas=0&nvt=1&top=http%3A%2F%2Fe.informer.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1155&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.d1z4fnt5jqpk&fsb=1&xpc=fuiUIA7y55&p=https%3A//joshmadison.com&dtd=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8ab5f91903d3ffacb3291e6c04e255b777d32970c2ac56f48e527089044b234
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 20:54:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15198
x-xss-protection
0
last-modified
Tue, 19 Sep 2023 20:35:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 18 Dec 2023 20:54:45 GMT
truncated
/ Frame AE50 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
si
googleads.g.doubleclick.net/pagead/drt/ Frame A510
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6445727542248381&output=html&h=600&slotname=7220143509&adk=1715447849&adf=671647946&pi=t.ma~as.7220143509&w=270&fwrn=16&fwrnh=100&lmt=1695167621&rafmt=1&format=270x600&url=https%3A%2F%2Fjoshmadison.com%2Fconvert-for-windows%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1695389119244&bpp=12&bdt=853&idt=237&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&correlator=3613146569590&frm=22&ife=1&pv=2&ga_vid=371891935.1695389119&ga_sid=1695389119&ga_hid=458026294&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1155&ifk=2440302671&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C44795921&oid=2&pvsid=737270983146865&tmod=571820235&uas=0&nvt=1&top=http%3A%2F%2Fe.informer.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1155&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.d1z4fnt5jqpk&fsb=1&xpc=fuiUIA7y55&p=https%3A//joshmadison.com&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 13:25:20 GMT
expires
Fri, 22 Sep 2023 13:25:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 13:25:20 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame AE50 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08bef71de3926a9e2756bcfd2d3f9ac875c98f65656eb89fd634b4a171417e4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame AE50 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 05:04:01 GMT
x-content-type-options
nosniff
age
548480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 05:04:01 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame AE50
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=COQmev5UNZY2AJM-5_tMPmeyHkAmnk4TZcuDNsvDJEf-D7aC6ORABIPW_iwNglfrwgYwHoAGOyLDQA8gBAakCxf3AjbzdsT6oAwHIA8sEqgTbAU_Q5mCvN6ex97utUAV_X3dtCqb3Kx43vHl...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217895729112505717343%22,%22debug_reporting%22:true,%22destination%22:%22https://avira.com%22,%22event_report_window%22:%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217895729112505717343%22,%22debug_reporting%22:true,%22destination%22:%22https://avira.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22973874190%22],%224%22:[%2209-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214562442358740125345%22}&andc=true
Protocol
H3
Server
216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:21 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"17895729112505717343","debug_reporting":true,"destination":"https://avira.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["973874190"],"4":["09-22"],"6":["true"]},"priority":"500","source_event_id":"14562442358740125345"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Sep 2023 13:25:21 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 22 Sep 2023 13:25:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17895729112505717343","debug_reporting":true,"destination":"https://avira.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["973874190"],"4":["09-22"],"6":["true"]},"priority":"500","source_event_id":"14562442358740125345"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 73B5 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6445727542248381&plah=joshmadison.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c9f1ec1baf947390858e83606b1c10a2dfed2ca3b29261dd174f52b7a0e35e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12049
x-xss-protection
0
kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js
pagead2.googlesyndication.com/bg/ Frame CEB5 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/kgPu8ucFjQWm9sPwItG3xGC9C84b-jPcUt_enD3F6OI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6445727542248381&output=html&h=600&slotname=7220143509&adk=1715447849&adf=671647946&pi=t.ma~as.7220143509&w=270&fwrn=16&fwrnh=100&lmt=1695167621&rafmt=1&format=270x600&url=https%3A%2F%2Fjoshmadison.com%2Fconvert-for-windows%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1695389119244&bpp=12&bdt=853&idt=237&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&correlator=3613146569590&frm=22&ife=1&pv=2&ga_vid=371891935.1695389119&ga_sid=1695389119&ga_hid=458026294&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1155&ifk=2440302671&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31077222%2C44795921&oid=2&pvsid=737270983146865&tmod=571820235&uas=0&nvt=1&top=http%3A%2F%2Fe.informer.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1155&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.d1z4fnt5jqpk&fsb=1&xpc=fuiUIA7y55&p=https%3A//joshmadison.com&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9203eef2e7058d05a6f6c3f022d1b7c460bd0bce1bfa33dc52dfde9c3dc5e8e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 06:58:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
23215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 15:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Sep 2024 06:58:26 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217895729112505717343%22,%22debug_reporting%22:true,%22destination%22:%22https://avira.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22973874190%22],%224%22:[%2209-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214562442358740125345%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 22 Sep 2023 13:25:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 73B5 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6445727542248381&plah=joshmadison.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 13:25:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DD7A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://joshmadison.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11098
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 10:20:23 GMT
expires
Sat, 21 Sep 2024 10:20:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F884 		829 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cec17482ff3f5a586ddc15522d5215dcb97996412319ab38f973f6dcbf96c958
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FCLhKunJC0PuYcN4-h_XBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://joshmadison.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-FCLhKunJC0PuYcN4-h_XBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 13:25:21 GMT
expires
Fri, 22 Sep 2023 13:25:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
pagead2.googlesyndication.com/bg/ Frame DD7A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 12:20:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
3887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14772
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 15:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Sep 2024 12:20:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F884 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=737270983146865&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame DD7A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?PAZSsQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 13:25:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 73B5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=737270983146865&bg=!yMuly4TNAAYrDsWMCw47ADQBe5WfOLUhQsizwdHQsEOFlYjqhhgxldDfMCFKYnSvxNNhuh1-zaQwwLkc3DZp1ju4N70XAgAAAGJSAAAADWgBBwoAAiAamQLJIUkpO1Arnqjlrn32AonTxXuLpTlJqQUIbqnbtcot2PAixrcYRtw6VlFEU5M9W_DqYDTPiC8wgaxtBo8krmu0baSTe0XF17ocws1uLQclC01Qmad5Z1OTytYXcDuG3hvYiZzhiQmdBWL4NXRXQbY0JvllBy7XnTPMhXoUbIpNmw5vJRM7WSnRX54XH0LYfAkct9AFA6vP_KelLfT-rCywhMYXiPo_6N_U9QQdM5CfpVPlg5VqGGUUuHAqdbmwxF4vAdor0bqV-jWCq2RibKJxl-T9JvK_1y95dumeE9AInrPSh63-f2nO3I7lrvDfkd1E2NjpFSn3Y7wpmvOnW0S1-TCAVWdSyYquxxnr6FEM3kQ7i_EU6ukuD--3QWMtWYbpLVLDmczOJYW9FJmeTRXd3cjKk6HBAi5rVAyEKD669z30tqO3Usjt89CPdSvtkMQrDVkwT-CTcIrPbHZ1g8QR_xWEVbZqzNSYwcB0XJgRRKCqUtet9CFAB7IHvvpm8QrDs2tFv-lYflfXfrUBuFScRhnUueYyJG2Uoy_gmDL0CclAy-VXdi6SGKNPbvDTSOUe6XYWt6z9Mc61AwrCFXTBC7Zc6Yo5LKPHlSkDLRB3gdgF1lXTTytQ3jqgk6xwJ5JRijVuLqEK-zLJz6KKyBfRCSlkE4ikjZV3vQMxWH9A4YmgqZLDNkUFsgNWj2OgPSRMpwY6MA-IUfsKazUdys8hin2ik1nm-RzYeBBl84bpvZIIcblBHQ-10ejB9ep7XHNfqBASl5lu7NoWHimfGyhxDbL0Sj-ArsggarVHnIM0GGp6EM17D6a7HeqhaCzWD3ihgYPm-1sQ8I_-OuU9y_PIkrOdPul-ZThxaqCes13fCWk-yuBs_wCN_7BiRMBR8ZNKLS_BQ2wFThb_9rgqB5FGpmT7tiaHKZw-viChXoC9SMKXPzI2R-DJNqI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joshmadison.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame AE50 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjste3HdYwwgGu2f-nDszb5ASo2pxU4Shny6Z3bKMZ_GTAe7drC_PEAsKPrAQGODoFuL1YWQrMbyekG_L7qtLHGA_cTc2UW9IUt7thnxN9S5BYr6q54sFNzOlEAa5LtWL4ywfjvj_chN56WiL&sai=AMfl-YT1bW2HOqygCMgf0BGMRLfHDpgAgw4Y6DWpIQUiwDfV7uHAkKf3hiD0miFScotV0WKVrWC06ZWlxIva&sig=Cg0ArKJSzIO0CXLQoKWyEAE&cid=CAQSGwBpAlJWR3183nefMGxIXKQcSK_jgmtFVeSsMhgB&id=lidar2&mcvt=1000&p=0,0,600,270&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1715447849&rs=2&la=0&cr=0&vs=4&r=v&rst=1695389119496&rpt=1575&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 13:25:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.sixfoot6.org
URL
https://i.sixfoot6.org/taglines.php

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| device function| Panel object| App function| sendAbuseMessage function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

7 Cookies

Domain/Path Name / Value
e.informer.com/ Name: visitor_id
Value: 3f049a0f44c96c9f4c433c7748fe1940bd6a24b6
e.informer.com/ Name: surl_panel
Value: 1
.informer.com/ Name: _ga
Value: GA1.1.1902259522.1695389118
.informer.com/ Name: _ga_L04HQHN9RZ
Value: GS1.1.1695389117.1.0.1695389117.0.0.0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUk9eqx7KENgnlFxvinDqyijToUjGbrl-pKkzEj4ZtBr23ARml-yLS42zpodIN0
.googleadservices.com/ Name: ar_debug
Value: 1

2 Console Messages

Source Level URL
Text
javascript error URL: https://joshmadison.com/convert-for-windows/
Message:
Access to XMLHttpRequest at 'https://i.sixfoot6.org/taglines.php' from origin 'https://joshmadison.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://i.sixfoot6.org/taglines.php
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.sur.ly
e.informer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.sixfoot6.org
img.sur.ly
joshmadison.com
pagead2.googlesyndication.com
region1.google-analytics.com
sur.ly
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
i.sixfoot6.org
2001:4860:4802:34::36
216.58.206.34
2600:3c00::f03c:93ff:fece:4996
2606:4700:20::ac43:4aeb
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2003
2a00:1450:4001:827::2001
2a00:1450:4001:828::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
54.173.41.122
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
074fc3fbcc3b267331e8cc9251c6949ca77f6d4854feb4c46eb861af878cdf6f
08bef71de3926a9e2756bcfd2d3f9ac875c98f65656eb89fd634b4a171417e4d
093636fe01bcc60c38222d1458565418c2ab27527f6aef299b3ed7fd82d90e57
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b58ebb41d5fef7791c51043db9af867a0f555b51510398812048a603872b825
0f20f023b25508c3b3a0c5607059cc1841cfebcaf981aa3f32407d8c25543f2b
17ddf5015b3b400aee1c405dc63391c68465a1345a8b7bb5c79219c378e2c853
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332e7698c6b25c878201985ff386baa6ea14e83ff6d90ec9c7e7e061ae0a1c01
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5c9f1ec1baf947390858e83606b1c10a2dfed2ca3b29261dd174f52b7a0e35e7
5eef666189038c85264e318c992d0f91be4436015cee6e1dce4cf0a2f8a7579b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
687aa3f2e902b02283d9a08521b7d77314cd2c7a1c921006974c8e40382bae08
6fc6c943ba308ba6367007854292c56c61fb41a1431e014c97caa5c1232933f6
76bf9ba07053ae43b98354707919edfb22ea913449d190785a5446d8d8d94caa
893f9fbf43e5c59e7f3fde7dc3e3596bca16a8e1e02e0972d456fba3a67cb20a
8b15ef4e03c0be7660f2027e5b30c0c8935378fb71f1bf015ec4656553f628f7
8f3710918c71393d74cb69401d04a05be7d1ce4b8870cf21405402a3798d0595
9203eef2e7058d05a6f6c3f022d1b7c460bd0bce1bfa33dc52dfde9c3dc5e8e2
965927282408a0c1384214531aeb2070e3ee108f43b370bdba2680e75ad5f533
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99bfdf3fec5f85f15ff7eab703567df493fd816c9f5def19324ad81e3c3da40d
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a2e47fc2c7f9810fb9d297e60b9a59211b227eb76225532d8e51755f5bbae4cb
a39e2c2a9781ffaed2a3146f2022c8c3d62584d9747d6308e7c20765771af1d1
af7094686d1a9a79b82e44e561e73baf887473b72866a38b5b21ec059b55e973
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23d5a41f9c5d119119d3d907176890693d7b5e903e5996588e7c91ec34f12e5
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b8ab5f91903d3ffacb3291e6c04e255b777d32970c2ac56f48e527089044b234
baba3988b5be911a40b685194ebb47eacfdd29ff65c6ca357974c57c5e10c8fa
c97524658d6556300d3a8cf537d4c468881d550133a0e3fd90edec7fbd5907dc
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cec17482ff3f5a586ddc15522d5215dcb97996412319ab38f973f6dcbf96c958
d5a1dd91a6dfdefeaea602853a26b65c998e53d94943607f73d67f2667485e39
ddebba93378615178125ed70f1cd6448668c1dc400ac2c78ed766707b30621e4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df45d2380d3576524448872de57a016dc9af5f31fd3d844328660730fad1b50a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff5305094b1be191802d270729c74c551368ea223044838b1094c0455ba1b7f
f051bd50785a66beb2915ff0878af5bc85bb05f23f6c057b1fa497f21920cc3c
f11709f11c3bc3150454b350baa12e6e2c7b15e3b1cdb8491ba1291cd2b78938
f38ea112e1f5c4089f177ba9421d2e74c4b71ee12a3e19d0b33205351a429f74
f3dae1179c2aada90c313212cdf69cc1481641f00cacb52038ce67fad5f804ec
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f698d6011b6fbb1720c7466abe5530957b645b67d1a4c7e7e04d85d0e5bae471
fb638365f12788a6bb609546b687b4742fab07ca836ec02301c5cedb3acc70cb
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995