abovethefold.live Open in urlscan Pro
108.62.0.112 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://abovethefold.live/
Submission Tags: @phishunt_io
Submission: On July 05 via api (July 5th 2022, 10:07:53 am UTC) from DE — Scanned from DE

Summary HTTP 201 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 26 domains to perform 201 HTTP transactions. The main IP is 108.62.0.112, located in Manassas, United States and belongs to LEASEWEB-USA-WDC, US. The main domain is abovethefold.live.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 5th 2022. Valid for: 3 months.

This is the only time abovethefold.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
94	108.62.0.112 108.62.0.112	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
5	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
5	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:20:... 2606:4700:20::681a:e5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:480... 2a02:26f0:480:3::210:ee91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
25	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.58.170 65.9.58.170	16509 (AMAZON-02) (AMAZON-02)
3	54.166.84.155 54.166.84.155	14618 (AMAZON-AES) (AMAZON-AES)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:915b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:f5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.148.100.42 54.148.100.42	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	99.86.4.21 99.86.4.21	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.38 99.86.4.38	16509 (AMAZON-02) (AMAZON-02)
2	136.243.111.146 136.243.111.146	24940 (HETZNER-AS) (HETZNER-AS)
2	212.32.243.52 212.32.243.52	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	34.250.171.64 34.250.171.64	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:e9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
201	35

94 108.62.0.112 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: wa01.skystracloud.com

abovethefold.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:e5c (United States)

ASN13335 (CLOUDFLARENET, US)

d.plerdy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.plerdy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.plerdy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:3::210:ee91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-170.fra56.r.cloudfront.net

d3rxaij56vjege.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.166.84.155 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-84-155.compute-1.amazonaws.com

seal-sask.bbb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:915b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9197 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:f5c (United States)

ASN13335 (CLOUDFLARENET, US)

c.plerdy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.100.42 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-100-42.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

cdn.stat-track.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-21.fra6.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-38.fra6.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.111.146 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.146.111.243.136.clients.your-server.de

forms.m-pages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.32.243.52 (Dieren, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

t.stat-track.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.171.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-171-64.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:e9e (United States)

ASN13335 (CLOUDFLARENET, US)

tawk.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	abovethefold.live abovethefold.live	1 MB
25	tawk.to embed.tawk.to — Cisco Umbrella Rank: 8273 va.tawk.to — Cisco Umbrella Rank: 7866	203 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	476 KB
9	plerdy.com d.plerdy.com — Cisco Umbrella Rank: 98305 c.plerdy.com — Cisco Umbrella Rank: 55513 a.plerdy.com — Cisco Umbrella Rank: 52857	107 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1888 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3560 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3482 tracking.crazyegg.com — Cisco Umbrella Rank: 3393	33 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 2733	20 KB
6	stripe.com js.stripe.com — Cisco Umbrella Rank: 1748 q.stripe.com — Cisco Umbrella Rank: 12728 m.stripe.com — Cisco Umbrella Rank: 1533	77 KB
5	google.com www.google.com — Cisco Umbrella Rank: 8	40 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	4 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 395 www.linkedin.com — Cisco Umbrella Rank: 485 px4.ads.linkedin.com — Cisco Umbrella Rank: 5675	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	142 KB
3	stat-track.com cdn.stat-track.com — Cisco Umbrella Rank: 123205 t.stat-track.com — Cisco Umbrella Rank: 182112	23 KB
3	bbb.org seal-sask.bbb.org	6 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	197 KB
2	m-pages.com forms.m-pages.com — Cisco Umbrella Rank: 135676	10 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1852	17 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	426 B
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 8160 prism.app-us1.com — Cisco Umbrella Rank: 8216	6 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 429	39 KB
1	tawk.link tawk.link — Cisco Umbrella Rank: 32794	26 KB
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 7883	362 B
1	google.de www.google.de — Cisco Umbrella Rank: 5448	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 119	443 B
1	cloudfront.net d3rxaij56vjege.cloudfront.net	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 780	3 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1355	40 KB
201	26

	Domain	Requested by
94	abovethefold.live	abovethefold.live c.plerdy.com
20	embed.tawk.to	abovethefold.live embed.tawk.to
8	fonts.gstatic.com	fonts.googleapis.com www.google.com
5	va.tawk.to	embed.tawk.to
5	www.google.com	abovethefold.live www.gstatic.com
5	fonts.googleapis.com	abovethefold.live embed.tawk.to
4	a.plerdy.com	c.plerdy.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google-analytics.com	abovethefold.live www.google-analytics.com
4	script.crazyegg.com	abovethefold.live script.crazyegg.com
4	www.googletagmanager.com	abovethefold.live www.googletagmanager.com
3	seal-sask.bbb.org	abovethefold.live seal-sask.bbb.org
3	connect.facebook.net	abovethefold.live connect.facebook.net
3	d.plerdy.com	abovethefold.live c.plerdy.com
3	js.stripe.com	abovethefold.live js.stripe.com
2	t.stat-track.com	cdn.stat-track.com
2	forms.m-pages.com	cdn.stat-track.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	q.stripe.com	abovethefold.live
2	c.plerdy.com	d.plerdy.com
2	www.facebook.com	abovethefold.live
2	region1.google-analytics.com	www.googletagmanager.com
2	px.ads.linkedin.com	2 redirects
1	cdn.jsdelivr.net	embed.tawk.to
1	tawk.link
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	cdn.stat-track.com	abovethefold.live
1	m.stripe.com	m.stripe.network
1	trackcmp.net	diffuser-cdn.app-us1.com
1	www.google.de	abovethefold.live
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	abovethefold.live
1	www.linkedin.com	1 redirects
1	diffuser-cdn.app-us1.com	abovethefold.live
1	d3rxaij56vjege.cloudfront.net	abovethefold.live
1	snap.licdn.com	abovethefold.live
1	www.googleoptimize.com	abovethefold.live
201	40

This site contains links to these domains. Also see Links.

Domain
getfound.live
youtu.be
www.facebook.com
www.bbb.org
www.linkedin.com
www.youtube.com
www.instagram.com
open.spotify.com

Subject Issuer	Validity	Valid
abovethefold.live cPanel, Inc. Certification Authority	`2022-07-05` - `2022-10-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-05-20` - `2022-09-25`	4 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-08` - `2023-04-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-16` - `2022-07-15`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.bbb.org GeoTrust RSA CA 2018	`2020-05-15` - `2022-07-03`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-25` - `2022-09-08`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-11` - `2022-08-03`	4 months	crt.sh
cdn.stat-track.com R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
crazyegg.com Amazon	`2022-06-27` - `2023-07-26`	a year	crt.sh
*.m-pages.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.stat-track.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-29` - `2023-07-12`	a year	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh

This page contains 9 frames:

Primary Page: https://abovethefold.live/
Frame ID: 2C706A48DF93B774ADDC4927EDDDB145
Requests: 172 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: A23DB54D76F8F4C654101EDE5A4BC24B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le875QUAAAAABwE_IdjNFreqHcjWnvj3gE6pEB1&co=aHR0cHM6Ly9hYm92ZXRoZWZvbGQubGl2ZTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=apw0ufmvyqlb
Frame ID: 4BAE670BE6EC4204E0008289CB3ADAA8
Requests: 8 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 24FED7CA6C580BA6A78BDADCA1BCAA21
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0AC07FDA2FA2906177AB5633C4DA9843
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/min-widget.css
Frame ID: 788CFF94CE765717B8F58AAAB2955111
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/bubble-widget.css
Frame ID: 2BAD3E61EE7C3E7A42DFE04FD11A621F
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/message-preview.css
Frame ID: 132954075FA503898CDEFC0E305B3169
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/max-widget.css
Frame ID: E0BACCCA7320D957707D98FFF58E35B7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hey #GoogleGirl! Digital Marketing & Training by Above the Fold

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

201
Requests

97 %
HTTPS

63 %
IPv6

26
Domains

40
Subdomains

35
IPs

5
Countries

2821 kB
Transfer

7583 kB
Size

30
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://getfound.live/
Title: Get Found Courses

Search URL Search Domain Scan URL

URL: https://getfound.live/register-like-it-on-top/
Title: Click here to join ‘Like it on Top of Google‘ our FREE live training!

Search URL Search Domain Scan URL

URL: https://youtu.be/owrxQUvrV8Y

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AbovetheFoldCA/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.bbb.org/ca/sk/regina/profile/social-media-marketing/above-the-fold-create-raving-fans-for-your-business-0167-32086#bbbseal

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AbovetheFoldCA
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/above-the-fold-ca/
Title: linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCc1oNtVz_1R1ZApuwBsnqAQ/featured?view_as=subscriber
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/abovethefoldca/
Title: instagram

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/06YqDIhx5FbIcmfIWaOjq7
Title: spotify

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=402956&time=1657015666393&url=https%3A%2F%2Fabovethefold.live%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D402956%26time%3D1657015666393%26url%3Dhttps%253A%252F%252Fabovethefold.live%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=402956&time=1657015666393&url=https%3A%2F%2Fabovethefold.live%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=402956&time=1657015666393&url=https%3A%2F%2Fabovethefold.live%2F&liSync=true&e_ipv6=AQJeQxWJTYF0-QAAAYHN1IkZ0EYPXFOp0XQrPeWX8wGSkRjUiT1HhL2H7cDvqW6-vBFlbshH3QYzKowl9Wp8WX2yHNYR5g

201 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
abovethefold.live/ 203 KB
40 KB 990ms
192ms Document
text/html 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed / PHP/7.4.30
Resource Hash: 32cf3b4f230561f36956af0ff1babb875cc762e9d0058c3606a23f1f5d729f2c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 40538
content-type: text/html; charset=UTF-8
date: Tue, 05 Jul 2022 10:07:45 GMT
etag: "896-1656897923;br"
link: <https://abovethefold.live/wp-json/>; rel="https://api.w.org/" <https://abovethefold.live/wp-json/wp/v2/pages/2710>; rel="alternate"; type="application/json" <https://abovethefold.live/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-litespeed-cache: hit
x-powered-by: PHP/7.4.30

GET
H2 200 style.min.css
abovethefold.live/wp-includes/css/dist/block-library/ 81 KB
10 KB 108ms
102ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:45 GMT
content-encoding: br
last-modified: Wed, 06 Apr 2022 05:03:35 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 10549
expires: Wed, 05 Jul 2023 16:07:45 GMT

GET
H2 200 styles.css
abovethefold.live/wp-content/plugins/contact-form-7/includes/css/ 3 KB
904 B 111ms
104ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:45 GMT
content-encoding: br
last-modified: Sat, 18 Jun 2022 15:12:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 848
expires: Wed, 05 Jul 2023 16:07:45 GMT

GET
H2 200 nectar-slider.css
abovethefold.live/wp-content/plugins/salient-nectar-slider/css/ 64 KB
8 KB 112ms
104ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/salient-nectar-slider/css/nectar-slider.css?ver=1.7.1
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 8e58c9ce0ec87e8670bf577d4dcf56a71b5b34350753261954ce5b89e8678654

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:45 GMT
content-encoding: br
last-modified: Sat, 01 Jan 2022 20:26:57 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 7864
expires: Wed, 05 Jul 2023 16:07:45 GMT

GET
H2 200 default.css
abovethefold.live/wp-content/plugins/webba-booking/frontend/css/ 4 KB
1 KB 113ms
106ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/webba-booking/frontend/css/default.css?ver=3.8.51
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 5d107d8cd74bb335f4ac7ae0235f4fe0001176845ba55f7fdfb99c498954eca3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:45 GMT
content-encoding: br
last-modified: Mon, 02 Nov 2020 23:00:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1091
expires: Wed, 05 Jul 2023 16:07:45 GMT

GET
H2 200 default.date.css
abovethefold.live/wp-content/plugins/webba-booking/frontend/css/ 6 KB
1 KB 112ms
105ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/webba-booking/frontend/css/default.date.css?ver=3.8.51
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 0055c95a98112f2b024b240606a69a145018524568fd8e93edf1bf77c6fe1742

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:45 GMT
content-encoding: br
last-modified: Mon, 02 Nov 2020 23:00:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1276
expires: Wed, 05 Jul 2023 16:07:45 GMT

GET
H2 200 wbk-frontend-custom-style.css
abovethefold.live/wp-content/plugins/webba-booking/frontend/css/ 4 KB
623 B 204ms
197ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/webba-booking/frontend/css/wbk-frontend-custom-style.css
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: aab452a34ffa3cfb63ef10c2b169d6f34197fe4b697fc850bd3cda77c82a84d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:45 GMT
content-encoding: br
last-modified: Tue, 03 Nov 2020 01:13:43 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 567
expires: Wed, 05 Jul 2023 16:07:45 GMT

GET
H2 200 wbk-frontend-default-style.css
abovethefold.live/wp-content/plugins/webba-booking/frontend/css/ 6 KB
1 KB 113ms
106ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/webba-booking/frontend/css/wbk-frontend-default-style.css
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: bb60c146c70026b944aa192f84e29e42a124ecd384883a154853e4933f1a4d4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:45 GMT
content-encoding: br
last-modified: Mon, 02 Nov 2020 23:00:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1435
expires: Wed, 05 Jul 2023 16:07:45 GMT

GET
H2 200 font-awesome-legacy.min.css
abovethefold.live/wp-content/themes/salient/css/ 49 KB
9 KB 203ms
196ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/css/font-awesome-legacy.min.css?ver=4.7.1
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 7adb967745932b25c31da3ef4a92f2b8e166926a7a8476fe8c8c58fc84b95fa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:45 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 9342
expires: Wed, 05 Jul 2023 16:07:45 GMT

GET
H2 200 grid-system.css
abovethefold.live/wp-content/themes/salient/css/build/ 21 KB
2 KB 112ms
105ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/css/build/grid-system.css?ver=14.0.7
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: f3b2531d6e76075cf19da71a57064e1c8685fc47e741f85d3a67b62a28af0e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:45 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2481
expires: Wed, 05 Jul 2023 16:07:45 GMT

GET
H2 200 style.css
abovethefold.live/wp-content/themes/salient/css/build/ 211 KB
34 KB 113ms
107ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/css/build/style.css?ver=14.0.7
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 5be9ef1a87eb8bbd5da2cb8a9c678e25933fce6c41614814e22a1d6561dfa12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:45 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 34261
expires: Wed, 05 Jul 2023 16:07:45 GMT

GET
H2 200 element-video-lightbox.css
abovethefold.live/wp-content/themes/salient/css/build/elements/ 13 KB
2 KB 211ms
204ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/css/build/elements/element-video-lightbox.css?ver=14.0.7
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 22461c72b84fb47535c72e98657348aed96b269f6cd00dd81c82513ef28e6345

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:45 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1879
expires: Wed, 05 Jul 2023 16:07:45 GMT

GET
H2 200 element-fancy-unordered-list.css
abovethefold.live/wp-content/themes/salient/css/build/elements/ 2 KB
413 B 215ms
209ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/css/build/elements/element-fancy-unordered-list.css?ver=14.0.7
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: ba5c056304ac91133cc363f350c5caa5dab3573cfd8440d32f5af816d8eb6383

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 380
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 responsive.css
abovethefold.live/wp-content/themes/salient/css/build/ 38 KB
7 KB 214ms
208ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/css/build/responsive.css?ver=14.0.7
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 0feed8c49be4364b55622b9ad28cc535bbfab76a6d81128255833e7634fa2aa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6893
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 skin-material.css
abovethefold.live/wp-content/themes/salient/css/build/ 59 KB
9 KB 215ms
209ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/css/build/skin-material.css?ver=14.0.7
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 9a1d01cc4e8dac0f0e4be7069dd8330189c84f11f700a86a81aee7b6baf40444

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 8741
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 menu-dynamic.css
abovethefold.live/wp-content/uploads/salient/ 4 KB
710 B 213ms
207ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/uploads/salient/menu-dynamic.css?ver=63543
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 319f6ac36829b0a184068573ed03320b9bb52dad872f5d1ae4714510b59f5f53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Sun, 03 Jul 2022 19:00:50 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 654
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 widget-nectar-posts.css
abovethefold.live/wp-content/themes/salient/css/build/elements/ 17 KB
2 KB 210ms
205ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/css/build/elements/widget-nectar-posts.css?ver=14.0.7
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 59bb7a33c33520c0ba82835503be306a918c33e07aaa068bd597ca7f4ab7a65f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:45 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1817
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 content.css
abovethefold.live/wp-content/plugins/strong-testimonials/templates/default/ 9 KB
2 KB 212ms
207ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/strong-testimonials/templates/default/content.css?ver=2.51.9
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 7e020710c1237614858a16edcf7aeb131a8e6a5178d39c615e9a7c0a23b47da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 05:02:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1853
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 slider-controls-sides-buttons.css
abovethefold.live/wp-content/plugins/strong-testimonials/public/css/ 6 KB
906 B 212ms
207ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-buttons.css?ver=2.51.9
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 4d23593dc137c61dcc776684bac7fd33160070919a16c772327dcdc67fe721e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 05:02:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 873
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 js_composer.min.css
abovethefold.live/wp-content/plugins/js_composer_salient/assets/css/ 39 KB
6 KB 211ms
206ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/js_composer_salient/assets/css/js_composer.min.css?ver=6.7
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: a2b4c3ad220c8d28533887965fbb1e6c1382588d200eb9d95250f929a567ba1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Sat, 01 Jan 2022 20:27:39 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 5864
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 salient-dynamic-styles.css
abovethefold.live/wp-content/themes/salient/css/ 195 KB
25 KB 210ms
205ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/css/salient-dynamic-styles.css?ver=59140
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: b43c340e42ff54a6c1d0e018c1cbd22144a073fed0c27b437a20a7826a977342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 20:33:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 25073
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A700%2C400%7CRoboto%3A500%2C700%7CMontserrat%3A600%2C500%7CMuseo500-Regular%3A400%7CSatisfy%3A400%7CNunito%3A400italic%2C400%2C700&subset=latin&ver=1644102533

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f13eed0264b45cba842fb16ddf34fcd6061cbd9cb2b350e7c4a5611f463f1420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 10:07:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Jul 2022 10:07:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Jul 2022 10:07:45 GMT

GET
H2 200 jquery.min.js Show response
abovethefold.live/wp-includes/js/jquery/ 87 KB
30 KB 214ms
210ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Mon, 26 Jul 2021 16:31:08 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 30273
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 jquery-migrate.min.js Show response
abovethefold.live/wp-includes/js/jquery/ 11 KB
4 KB 296ms
291ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Sat, 13 Mar 2021 20:27:35 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3995
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 315 KB
74 KB 313ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

289ac96339e8c74805f1cb72959ce65000c005b9c1594b0e77aab57eb485abbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 1
x-cache: HIT
content-length: 75862
etag: "560ac9b3c6ccd02b33d8964a7bd13769"
x-request-id: 767f44c7-98fd-441a-b33f-8682efc366f8
x-served-by: cache-hhn4047-HHN
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 22:10:37 GMT
server: Fastly
date: Tue, 05 Jul 2022 10:07:46 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 core.min.js Show response
abovethefold.live/wp-includes/js/jquery/ui/ 20 KB
6 KB 298ms
294ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 23 Feb 2022 05:02:39 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6599
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 effect.min.js Show response
abovethefold.live/wp-includes/js/jquery/ui/ 17 KB
6 KB 296ms
293ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: c953f80cf0bb98945638528f71bafd7e837aac873b241533013b5170535e78fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 23 Feb 2022 05:02:39 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6307
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 wbk-validator.js Show response
abovethefold.live/wp-content/plugins/webba-booking/common/ 1 KB
526 B 298ms
295ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/webba-booking/common/wbk-validator.js?ver=5.9.3
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 63b79ca8ed3387b082360b95c3b815c961eeaa6891619c8b84b2352a81356560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Mon, 02 Nov 2020 23:00:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 493
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 wbk-frontend.js Show response
abovethefold.live/wp-content/plugins/webba-booking/frontend/js/ 99 KB
12 KB 299ms
295ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/webba-booking/frontend/js/wbk-frontend.js?ver=3.8.51
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 70f712d07bc0922430f626d19312e4869821bd5337f7531e397640c094aee50b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Mon, 02 Nov 2020 23:00:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 12468
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 picker.js Show response
abovethefold.live/wp-content/plugins/webba-booking/frontend/js/ 8 KB
3 KB 301ms
298ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/webba-booking/frontend/js/picker.js?ver=3.8.51
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: e4f44a19ba4a3f26f78d377a7771ea743e05c37cc3f0d34c558f71073549754f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Mon, 02 Nov 2020 23:00:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3110
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 picker.date.js Show response
abovethefold.live/wp-content/plugins/webba-booking/frontend/js/ 12 KB
4 KB 302ms
299ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/webba-booking/frontend/js/picker.date.js?ver=3.8.51
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 202786f9431b359a0ffdd47ae4096cd4e3934476beb43c1844620e8389c42210

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Mon, 02 Nov 2020 23:00:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4328
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 legacy.js Show response
abovethefold.live/wp-content/plugins/webba-booking/frontend/js/ 2 KB
907 B 300ms
297ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/webba-booking/frontend/js/legacy.js?ver=3.8.51
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 2f306230f9b1c1619e0f4827d761cd23b8d3a6d94ab99021d07eae0a2bc3dbc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Mon, 02 Nov 2020 23:00:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 874
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 53ms
26ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-107069184-1

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f7ceb172736b2112d74cce83030228eaf98914a167252b27f5ecb47be43a9fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41387
x-xss-protection: 0
expires: Tue, 05 Jul 2022 10:07:46 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 104 KB
40 KB 44ms
20ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-WTVL3TX

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9e66a723a15591b7f9b0f08013cb163dba1778a6a3dfdfc6cb71eb771fc90c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40906
x-xss-protection: 0
expires: Tue, 05 Jul 2022 10:07:45 GMT

GET
H2 200 2915.js Show response
script.crazyegg.com/pages/scripts/0075/ 6 KB
2 KB 425ms
374ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0075/2915.js
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed44069f4ad366b087d78f971ac7e9100026a8cb7cdca3e09e7e6b1fba87dd62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 725f4baa09b80200-ZRH
ce-version: 11.1.455
content-length: 2061
last-modified: Tue, 05 Jul 2022 10:07:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 FFF_Above-the-Fold-w-arrow-compressed-e1546134817192.png
abovethefold.live/wp-content/uploads/2018/12/ 7 KB
7 KB 402ms
398ms Image
image/png 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2018/12/FFF_Above-the-Fold-w-arrow-compressed-e1546134817192.png
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 09a760da6074f19fa9bde87a17a4a028c628a5ad55c686149528c10b35caf204

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 01:30:51 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 7418
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 Above-the-Fold.png
abovethefold.live/wp-content/uploads/2019/04/ 5 KB
5 KB 128ms
124ms Image
image/png 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2019/04/Above-the-Fold.png
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 51bf690f69b7f117c2652342da5e4b72c9c602413da8ea0ab0d49ed643211950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 01:30:32 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 5039
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
701 B 32ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&family=Montserrat&family=Roboto&display=swap

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba29be1c355e5164d03899c41b11ac44143bf1f7e4f2af0e6d2ada85c5e249be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 08:44:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Jul 2022 10:07:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Jul 2022 10:07:46 GMT

GET
H3 200 Staff-MelbyMark_066f008a3ce93571faa258560669c839-140x140.jpg.webp
abovethefold.live/wp-content/uploads/2017/11/ 2 KB
2 KB 402ms
398ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2017/11/Staff-MelbyMark_066f008a3ce93571faa258560669c839-140x140.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 457280e5fea8ff1176b9750452929bbf623019d7d63aec31e453d1d2eee0ed39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 02:30:11 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2342
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 wp-emoji-release.min.js Show response
abovethefold.live/wp-includes/js/ 18 KB
4 KB 126ms
123ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Mon, 26 Jul 2021 16:31:08 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4539
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 main.js Show response
d.plerdy.com/public/js/click/ 6 KB
3 KB 73ms
26ms Script
application/javascript 2606:4700:20::681a:e5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.plerdy.com/public/js/click/main.js
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beeeb3cf200c5bfc287a95f6cb9d66b4be056075788f79ae4ac6e7515bc6baa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2827
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 18:56:13 GMT
server: cloudflare
etag: W/"62c337cd-18b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MV%2BZbnOQAgGXPcSyAmAuS9Mi7Db%2B7tQXRTLLDnHDI6Ob1ThpIA%2FjRuBBZi%2BUyWN1%2FSVNQuGsjEGJk%2BWZGs2JJduVFQxA%2BVYqYGT5GKTyDAh%2FQMhgsEoUcacPBYc2y990IRA%2B6x8NkWbuzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 725f4baa0b5cbaf7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 magnific.css
abovethefold.live/wp-content/themes/salient/css/build/plugins/ 8 KB
2 KB 94ms
94ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/css/build/plugins/magnific.css?ver=8.6.0
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 03f2590278435d8e660cae76d3c900b6223b06dac3f526cc43f66b6213b3b63e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1885
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 core.css
abovethefold.live/wp-content/themes/salient/css/build/off-canvas/ 22 KB
3 KB 94ms
93ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/css/build/off-canvas/core.css?ver=14.0.7
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: b3a541179fa2c1f5e6dc116505e6503d70d7ccea2bd164f34ebcaffc15185d7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3155
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 fullscreen-legacy.css
abovethefold.live/wp-content/themes/salient/css/build/off-canvas/ 9 KB
1 KB 94ms
93ms Stylesheet
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/css/build/off-canvas/fullscreen-legacy.css?ver=14.0.7
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 08cf00701980b023a8b18d7c76238941f7ce638312df06471c8f01759d3f57fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1437
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 regenerator-runtime.min.js Show response
abovethefold.live/wp-includes/js/dist/vendor/ 6 KB
2 KB 122ms
116ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 12:15:27 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2330
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 wp-polyfill.min.js Show response
abovethefold.live/wp-includes/js/dist/vendor/ 19 KB
7 KB 107ms
101ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 12:15:27 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6810
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 index.js Show response
abovethefold.live/wp-content/plugins/contact-form-7/includes/js/ 21 KB
6 KB 110ms
104ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 7abd36a2f651330420d86187c125331d679408d1be7b6cd93efa64e08eaf80c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Sat, 18 Jun 2022 15:12:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6222
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 anime.min.js Show response
abovethefold.live/wp-content/themes/salient/js/build/third-party/ 17 KB
7 KB 118ms
112ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/js/build/third-party/anime.min.js?ver=4.5.1
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 5cbda29ea5096ac9404c59c77493a2f467d0eb4a27f16c750b61fc0d888dd716

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6960
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 nectar-slider.js Show response
abovethefold.live/wp-content/plugins/salient-nectar-slider/js/ 219 KB
36 KB 122ms
116ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/salient-nectar-slider/js/nectar-slider.js?ver=1.7.1
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: bcc67eaa39a915c8c4e91b85cf3afa8bf48fa0e366b30963bf7770c32bd1220c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Sat, 01 Jan 2022 20:26:57 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 36262
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 effect-fade.min.js Show response
abovethefold.live/wp-includes/js/jquery/ui/ 509 B
334 B 346ms
340ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-includes/js/jquery/ui/effect-fade.min.js?ver=1.13.1
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 2ef9a0b7735658c436b863ae36c4dec0a5d831988b8fa6c5874e066289afc8c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 23 Feb 2022 05:02:39 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 290
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 jquery.easing.min.js Show response
abovethefold.live/wp-content/themes/salient/js/build/third-party/ 2 KB
822 B 346ms
340ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/js/build/third-party/jquery.easing.min.js?ver=1.3
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 15a71d32b340bf3641581ac5b4f37887b9cb3981477d5886ec5849749c8a36e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 777
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 jquery.mousewheel.min.js Show response
abovethefold.live/wp-content/themes/salient/js/build/third-party/ 3 KB
1 KB 346ms
341ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/js/build/third-party/jquery.mousewheel.min.js?ver=3.1.13
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: c962e74a0cd768609b29c247028bd61c3229a50bb3abe908feeaa98962eb0971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1088
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 priority.js Show response
abovethefold.live/wp-content/themes/salient/js/build/ 2 KB
705 B 347ms
341ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/js/build/priority.js?ver=14.0.7
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: a9c8cbcf0ed23e3ec2f71acc45d2c4836a1dd995cce5630964063c7a44b40283

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 683
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 nectar-slider-priority.js Show response
abovethefold.live/wp-content/themes/salient/js/build/ 3 KB
527 B 348ms
342ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/js/build/nectar-slider-priority.js?ver=14.0.7
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: dfc481c8a8034505013b1e2bbdaba080e9eab3e9dfc66d75c4e0c95051e68284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 505
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 transit.min.js Show response
abovethefold.live/wp-content/themes/salient/js/build/third-party/ 7 KB
3 KB 348ms
342ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/js/build/third-party/transit.min.js?ver=0.9.9
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: fdcb39eec676f0d52a9647156d6e1c5e0668ebdbb1060cb8ff89d5b4ab4695e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2572
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 waypoints.js Show response
abovethefold.live/wp-content/themes/salient/js/build/third-party/ 9 KB
2 KB 348ms
343ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/js/build/third-party/waypoints.js?ver=4.0.2
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: a2a730bfb474365a6a6f90da061620c69d4779a876ef88e3af0ca6febebc8f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2501
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 imagesLoaded.min.js Show response
abovethefold.live/wp-content/themes/salient/js/build/third-party/ 5 KB
2 KB 350ms
345ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/js/build/third-party/imagesLoaded.min.js?ver=4.1.4
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1712
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 hoverintent.min.js Show response
abovethefold.live/wp-content/themes/salient/js/build/third-party/ 2 KB
914 B 357ms
352ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/js/build/third-party/hoverintent.min.js?ver=1.9
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 86a156b80c4342d46aa6bfdf42944e34cd85f5935e38c20bd58445006ca12a96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 892
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 magnific.js Show response
abovethefold.live/wp-content/themes/salient/js/build/third-party/ 21 KB
7 KB 369ms
364ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/js/build/third-party/magnific.js?ver=7.0.1
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: fd0062dadc441ac836028282dfda635da47f4280756d07ab0908faf71818e05e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 7185
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 superfish.js Show response
abovethefold.live/wp-content/themes/salient/js/build/third-party/ 6 KB
2 KB 369ms
364ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/js/build/third-party/superfish.js?ver=1.5.8
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: e40c49d2d7cfc035902c7b8471e9736b9a05b2adc59ed919567063676d3b793e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1967
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 init.js Show response
abovethefold.live/wp-content/themes/salient/js/build/ 335 KB
70 KB 370ms
365ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/js/build/init.js?ver=14.0.7
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: abec774b262dca9d567d9403b5d423d439e7650a4b03c891211b15bc27adeeea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 17:36:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 71853
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 touchswipe.min.js Show response
abovethefold.live/wp-content/plugins/salient-core/js/third-party/ 9 KB
3 KB 395ms
390ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: a23757ebb210c2d1c0455713594401d07ef51a74dcd3f7b5cd4a0ed2d8ecf1e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Sat, 01 Jan 2022 20:26:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3146
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 jquery-actual.min.js Show response
abovethefold.live/wp-content/plugins/strong-testimonials/public/js/lib/actual/ 1 KB
609 B 142ms
139ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/strong-testimonials/public/js/lib/actual/jquery-actual.min.js?ver=1.0.16
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: d9e9fb149b793d533a8ec27d7a82e4f66a403f9234334c902a5cff13a451244b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 05:02:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 587
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 imagesloaded.min.js Show response
abovethefold.live/wp-includes/js/ 5 KB
2 KB 395ms
390ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Sun, 13 Sep 2020 17:07:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1733
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 underscore.min.js Show response
abovethefold.live/wp-includes/js/ 19 KB
7 KB 395ms
390ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 12:15:28 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 7187
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 verge.min.js Show response
abovethefold.live/wp-content/plugins/strong-testimonials/public/js/lib/verge/ 1 KB
572 B 151ms
147ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/strong-testimonials/public/js/lib/verge/verge.min.js?ver=1.10.2
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: f24d6b3320defba731e6dd055dc838a98dbce7f64d1fff9eaacb501113d6b11a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 05:02:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 550
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 hooks.min.js Show response
abovethefold.live/wp-includes/js/dist/ 6 KB
2 KB 398ms
393ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 12:15:28 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1780
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 i18n.min.js Show response
abovethefold.live/wp-includes/js/dist/ 10 KB
4 KB 398ms
393ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 12:15:27 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3811
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 jquery-strongslider.min.js Show response
abovethefold.live/wp-content/plugins/strong-testimonials/public/js/lib/strongslider/ 24 KB
6 KB 151ms
148ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/strong-testimonials/public/js/lib/strongslider/jquery-strongslider.min.js?ver=2.51.9
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: d2d334c44bf66bcabe3a150f3f4d8358207c98d2a93de78a8d118bca64871c5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 05:02:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6185
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 controller.min.js Show response
abovethefold.live/wp-content/plugins/strong-testimonials/public/js/ 5 KB
1 KB 400ms
395ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/strong-testimonials/public/js/controller.min.js?ver=2.51.9
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: fb0b1554e9689e778596207553844e6a72670f563311b76bdc53f09b97c0d222

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 05:02:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1466
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
996 B 46ms
19ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Le875QUAAAAABwE_IdjNFreqHcjWnvj3gE6pEB1&ver=3.0

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

93744e88dec3f363bb77625e3cae9749e46339b760e0ee495e594ce9cb7e2320

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Tue, 05 Jul 2022 10:07:46 GMT

GET
H3 200 index.js Show response
abovethefold.live/wp-content/plugins/contact-form-7/modules/recaptcha/ 999 B
484 B 400ms
396ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Sat, 18 Jun 2022 15:12:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 439
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 js_composer_front.min.js Show response
abovethefold.live/wp-content/plugins/js_composer_salient/assets/js/dist/ 28 KB
6 KB 401ms
396ms Script
application/javascript 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/plugins/js_composer_salient/assets/js/dist/js_composer_front.min.js?ver=6.7
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: fccf7d38064bc3d0f77581e7623f4f20564dcc3e90e2f3978f09a8cdf0967ede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Sat, 01 Jan 2022 20:27:39 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6051
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
23 KB 32ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

142b2ea0873ac373f6579f120251c58f610e463530e5242cfdbb869a4bdae3a4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 22471
x-xss-protection: 0
pragma: public
x-fb-debug: jKpBzZQbZTAr0+IPy9Cm6I4HQoDAtzFcxUhmGLLERep4MujxKZ/NEShK87M0Loc33zXmykKgZqGy06C9CJQutQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 05 Jul 2022 10:07:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/en_US/sdk/ 314 KB
90 KB 33ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f7e2e96d94f15b219219cad5967ee96afc6f1585da68912106d5e9c1e72ad99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yTmkPVfEfWCLNpB5uTK36w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 91432
x-fb-rlafr: 0
x-fb-debug: g7CJltREThpQet9IB1lQsc1dpRb43a0xyL/NszRu7GrgeWgteDfnJcvTKOAUUY8SpVhbleObwq26iZD764ZfcQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 730b257e5d40ed5003e5175768ed4d58
x-frame-options: DENY
date: Tue, 05 Jul 2022 10:07:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "bcd47ef8ae0c4127406f11a447270233"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 05 Jul 2022 10:19:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
33 KB 45ms
20ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PHS67CM

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

860a052a02ba7ec1580135d3b8a35feb0e11eebb5990fcf7b7ee6e0745f9f9ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33041
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Jul 2022 10:07:46 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 61ms
13ms Script
application/x-javascript 2a02:26f0:480:3::210:ee91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:3::210:ee91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 10:07:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=19592
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4298
date: Tue, 05 Jul 2022 08:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 05 Jul 2022 10:56:08 GMT

GET
H2 404 gtm.js
www.googletagmanager.com/ 0
0 35ms
16ms Script
text/html 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRS66RG
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 default Show response
embed.tawk.to/5e691adceec7650c331f7fa6/ 2 KB
1010 B 189ms
160ms Script
application/x-javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5e691adceec7650c331f7fa6/default

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b1e044016e4f0dc5422c511fdc692c9d026f77dd2b7169205331a804cd633a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://abovethefold.live/
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
etag: W/"stable-v4-62835fee0eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 725f4baa2c2a2355-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 serialize.min.js Show response
d3rxaij56vjege.cloudfront.net/form-serialize/0.3/ 1 KB
1 KB 34ms
6ms Script
application/javascript 65.9.58.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rxaij56vjege.cloudfront.net/form-serialize/0.3/serialize.min.js
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-170.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd5127d88d20bfc74fb94869e2026ddfbb9119934c6b441b12ed7762a948a702

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 06:48:34 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Mon, 02 Nov 2015 22:04:54 GMT
server: AmazonS3
age: 11958
etag: "7d3e5f83849d8d66381fd41ac97eb5a1"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1197
x-amz-cf-id: mN4BdE6sXgtMM1UtkWkpkzu20kFhXxhW8LNq1sDwKPg2bqz3SmzQFQ==

GET
H2 200 above-the-fold-create-raving-fans-for-your-business-32086.js Show response
seal-sask.bbb.org/logo/ 1 KB
902 B 427ms
99ms Script
text/javascript 54.166.84.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://seal-sask.bbb.org/logo/above-the-fold-create-raving-fans-for-your-business-32086.js
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.84.155 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-166-84-155.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 083af16c4920a7b909ea7445be4d2725fc55a9c322983d08d43b7117d156b650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 22:32:08 GMT
server: Apache
etag: 48dea217a3504855335a9fd45249d161
node: Two-EC2-Seal
content-type: text/javascript
content-disposition: inline; filename="javascript-for-32086.js"
cachefilename: a3b4363684a66af07b50fc351c64a674.js
content-length: 589
expires: Tue, 05 Jul 2022 10:32:08 GMT

GET
H3 200 salient-dynamic-styles.css
abovethefold.live/wp-content/themes/salient/css/ 195 KB
195 KB 372ms
371ms Image
text/css 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/themes/salient/css/salient-dynamic-styles.css?ver=59140
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-content/themes/salient/css/salient-dynamic-styles.css?ver=59140
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/wp-content/themes/salient/css/salient-dynamic-styles.css?ver=59140
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 20:33:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 25073
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 Get-Found-Digital-Marketing-Homepage-People-Mulling.jpg.webp
abovethefold.live/wp-content/uploads/2020/08/ 81 KB
81 KB 492ms
492ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2020/08/Get-Found-Digital-Marketing-Homepage-People-Mulling.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: b7bd4ab3f6b24ee8634a579dc7467e3d03069bf85c54362f8a6cf5b1a0b34fdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Fri, 11 Dec 2020 22:11:43 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 82566
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 Home-Entrepreneur-Banners-e1555782114766.jpg.webp
abovethefold.live/wp-content/uploads/2018/10/ 51 KB
51 KB 399ms
399ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2018/10/Home-Entrepreneur-Banners-e1555782114766.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: d0d553a0eb1a8f88a5ceb0b68b1480fafc650adeda5cd1989c5b62798fa11e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 02:00:07 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 52334
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 43288692952_8742656672_o_3c4a74da20c9a526455b5104fdc17bc3.jpg.webp
abovethefold.live/wp-content/uploads/2018/09/ 43 KB
43 KB 406ms
406ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2018/09/43288692952_8742656672_o_3c4a74da20c9a526455b5104fdc17bc3.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 646a64e5cb9f6c7702c7830ae308bdb9a67b7d20f7c598615695d0a39c01187d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 01:30:55 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 43734
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 teamwork-in-the-workplace-rh-e1555782965998.jpg.webp
abovethefold.live/wp-content/uploads/2019/04/ 63 KB
63 KB 422ms
422ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2019/04/teamwork-in-the-workplace-rh-e1555782965998.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: b55a1666694ead1107d83e87ef7e5b201f9c6c669bfee4cac6bad92b6dc2263f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 01:30:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 64188
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 faq-1-1-1-e1555794583691_3ffd12e0ec57737159a48ae72426a0f8.jpg.webp
abovethefold.live/wp-content/uploads/2016/09/ 22 KB
22 KB 436ms
435ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2016/09/faq-1-1-1-e1555794583691_3ffd12e0ec57737159a48ae72426a0f8.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 183ab86c71282d84eab8195ae5cf7163709345d327c053e2a8d2b9a1de63a0e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 03:00:27 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 22184
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 Barb-McGrath-3.19-e1586118963781.jpg.webp
abovethefold.live/wp-content/uploads/2018/07/ 55 KB
55 KB 437ms
436ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2018/07/Barb-McGrath-3.19-e1586118963781.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: b384140f36d710dcb1ab0bd04d494b3d4535f1d7bc6f2803e28c03387377a2d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Fri, 11 Dec 2020 22:30:30 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 56624
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 quotes.png
abovethefold.live/wp-content/plugins/strong-testimonials/templates/default/img/ 335 B
355 B 447ms
446ms Image
image/png 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/plugins/strong-testimonials/templates/default/img/quotes.png
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-content/plugins/strong-testimonials/templates/default/content.css?ver=2.51.9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: d64873dd0c111a0f6663da0b18aaf75b057051f869ddd9e9b72d68003f3a93a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/wp-content/plugins/strong-testimonials/templates/default/content.css?ver=2.51.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Tue, 05 Apr 2022 05:02:01 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 335
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 customers-happy-1-e1584593442873.jpg.webp
abovethefold.live/wp-content/uploads/2019/09/ 59 KB
59 KB 446ms
446ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2019/09/customers-happy-1-e1584593442873.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 7c682e08fdf01c281433a50db0249a26e78dbbd228f72b9c7fbc8b0590f89735

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 01:00:15 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 60024
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 person-801823_1280-e1555784943209.jpg
abovethefold.live/wp-content/uploads/2018/10/ 42 KB
42 KB 453ms
452ms Image
image/jpeg 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2018/10/person-801823_1280-e1555784943209.jpg
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 74e71b2f5350c0679130c8bc079437cd4a3b59d72e009d414434179eec5cb04e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 02:00:15 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 42574
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A700%2C400%7CRoboto%3A500%2C700%7CMontserrat%3A600%2C500%7CMuseo500-Regular%3A400%7CSatisfy%3A400%7CNunito%3A400italic%2C400%2C700&subset=latin&ver=1644102533

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 579577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 17:08:09 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 30 KB
30 KB 32ms
11ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:07:05 GMT
x-content-type-options: nosniff
age: 579641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 17:07:05 GMT

GET
H2 200 XRXK3I6Li01BKofIMPyPbj8d7IEAGXNirXAHjaba.woff2
fonts.gstatic.com/s/nunito/v24/ 14 KB
14 KB 38ms
17ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v24/XRXK3I6Li01BKofIMPyPbj8d7IEAGXNirXAHjaba.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7819ad427cb5fd886c1f91887ec7aa0f9441bee03d5553af3168aee1522f616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 16:07:51 GMT
x-content-type-options: nosniff
age: 64795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14620
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:49:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:07:51 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 35ms
14ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 579577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 17:08:09 GMT

GET
H3 200 Museo500-Regular.ttf
abovethefold.live/wp-content/uploads/2020/08/ 62 KB
34 KB 120ms
120ms Font
font/ttf 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/uploads/2020/08/Museo500-Regular.ttf
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 05227dab17c6764ef8fb42621e86b628a429e32d1ba2b8891574333077e7916b

Request headers

Referer: https://abovethefold.live/
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
last-modified: Mon, 17 Aug 2020 18:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 34476
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 icomoon.woff
abovethefold.live/wp-content/themes/salient/css/fonts/ 20 KB
20 KB 124ms
123ms Font
font/woff 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/css/fonts/icomoon.woff?v=1.2
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-content/themes/salient/css/build/style.css?ver=14.0.7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: fd34dab8c695c588a20806efd3060572778d4122b180a5988a07c16b4cf9c387

Request headers

Referer: https://abovethefold.live/wp-content/themes/salient/css/build/style.css?ver=14.0.7
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Wed, 18 May 2022 17:36:19 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 20656
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 35ms
17ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 08:44:49 GMT
x-content-type-options: nosniff
age: 523377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 08:44:49 GMT

GET
H3 200 fontawesome-webfont.woff
abovethefold.live/wp-content/themes/salient/css/fonts/ 96 KB
96 KB 203ms
203ms Font
font/woff 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://abovethefold.live/wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-content/themes/salient/css/font-awesome-legacy.min.css?ver=4.7.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://abovethefold.live/wp-content/themes/salient/css/font-awesome-legacy.min.css?ver=4.7.1
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Wed, 18 May 2022 17:36:19 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 98024
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 Get-Found-Intro-compressed.jpg.webp
abovethefold.live/wp-content/uploads/2022/01/ 90 KB
91 KB 376ms
375ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2022/01/Get-Found-Intro-compressed.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 2c0ea284dc5a8f07aec34828f08c893003982966aab47a221e55f6e61c3d3fae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sun, 30 Jan 2022 01:30:04 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 92624
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 Above-the-Fold.png.webp
abovethefold.live/wp-content/uploads/2019/04/ 4 KB
4 KB 388ms
388ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2019/04/Above-the-Fold.png.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: e13f709359f6b24dcb73e535d9d1e25d8253072ef63b95399f0ead1019a24a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 01:30:32 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4430
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H2 200 above-the-fold-create-raving-fans-for-your-business-32086.png
seal-sask.bbb.org/logo/ruhzbul/ 4 KB
4 KB 337ms
104ms Image
image/png 54.166.84.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seal-sask.bbb.org/logo/ruhzbul/above-the-fold-create-raving-fans-for-your-business-32086.png
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.84.155 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-166-84-155.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 711a5bf82f964b955eb316e671701ad0952b805429e46f8415f767fc9ae8e49c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Tue, 05 Jul 2022 01:11:36 GMT
server: Apache
p3p: CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"
etag: d8ede6cb7d6d01db6c390194bb905663
node: One-EC2-Seal
content-type: image/png
content-disposition: inline; filename="seal-for-32086.png"
cachefilename: e855349eb44f8c1b2a407d56d8d5a1a3.png
content-length: 3925
seal-provided-by: Hurdman
cachehit: YES
expires: Tue, 05 Jul 2022 13:11:36 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 75ms
32ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 111
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
server: cloudflare
etag: W/"4d482a43613d3966f353ec9d97452e0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: ZRH50-C1
cf-ray: 725f4baaea422373-ZRH
x-amz-cf-id: uBsPkXu5wkoRgjA3IEYdJeQ9Y-mnrSMFFNrr7jr9zwcr9__42XWp6Q==

GET
H3 200 640421303012582 Show response
connect.facebook.net/signals/config/ 355 KB
85 KB 140ms
131ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/640421303012582?v=2.9.5&r=c2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fea48455cbc76012c2d43b76016897e52ef4303f51adbb4b8abe70a7c0c325ac

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: syvAo7hK7I5NbMKgXFlYn4VYxiegF4tbTZxSZAnN4zwRfO+K76TEWw4kZ9kRLhRRdH/p8a2yfIn8KhqH8jZrdQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 05 Jul 2022 10:07:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1657015666529
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=402956&time=1657015666393&url=https%3A%2F%2Fabovethefold.live%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D402956%26time%3D1657015666393%26url%3Dhttps%253A%252F%252Fabovethefold.live%252F%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=402956&time=1657015666393&url=https%3A%2F%2Fabovethefold.live%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=402956&time=1657015666393&url=https%3A%2F%2Fabovethefold.live%2F&liSync=true&e_ipv6=AQJeQxWJTYF0-QAAAYHN1IkZ0EYPXFOp0XQrPeWX8wGSkRjUiT1HhL2H7cDvq...

0
265 B

268ms
205ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=402956&time=1657015666393&url=https%3A%2F%2Fabovethefold.live%2F&liSync=true&e_ipv6=AQJeQxWJTYF0-QAAAYHN1IkZ0EYPXFOp0XQrPeWX8wGSkRjUiT1HhL2H7cDvqW6-vBFlbshH3QYzKowl9Wp8WX2yHNYR5g
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D03778CC846D477BB5B0CFAD32342DF7 Ref B: VIEEDGE1518 Ref C: 2022-07-05T10:07:47Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXjDAY7cCihHBhX143oow==
x-li-fabric: prod-lor1

Redirect headers

date: Tue, 05 Jul 2022 10:07:46 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: AF700335BAB3449F8E3333AAEFF7DC64 Ref B: FRAEDGE1515 Ref C: 2022-07-05T10:07:46Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=402956&time=1657015666393&url=https%3A%2F%2Fabovethefold.live%2F&liSync=true&e_ipv6=AQJeQxWJTYF0-QAAAYHN1IkZ0EYPXFOp0XQrPeWX8wGSkRjUiT1HhL2H7cDvqW6-vBFlbshH3QYzKowl9Wp8WX2yHNYR5g
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXjDAY3WdoYhYxE0L9uIw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1691349285&t=pageview&_s=1&dl=https%3A%2F%2Fabovethefold.live%2F&ul=en-us&de=UTF-8&dt=Hey%20%23GoogleGirl!%20Digital%20Marketing%20%26%20Training%20by%20Above%20the%20Fold&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAAEABAAAAAC~&jid=1333622917&gjid=346560894&cid=325362770.1657015666&tid=UA-20846680-4&_gid=1699872403.1657015666&_r=1&_slc=1&z=1833017080

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://abovethefold.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 10:07:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://abovethefold.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 38ms
24ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KZPL124R4F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107069184-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17697df2130c596c53c124f4f2bb50a1b653fe1682458ba54aa4fe3d7bdc3720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70562
x-xss-protection: 0
expires: Tue, 05 Jul 2022 10:07:46 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1691349285&t=pageview&_s=1&dl=https%3A%2F%2Fabovethefold.live%2F&ul=en-us&de=UTF-8&dt=Hey%20%23GoogleGirl!%20Digital%20Marketing%20%26%20Training%20by%20Above%20the%20Fold&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAAC~&jid=1104336435&gjid=1020952117&cid=325362770.1657015666&tid=UA-107069184-1&_gid=1699872403.1657015666&_r=1&gtm=2ou6t0&z=747609717

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://abovethefold.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 10:07:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://abovethefold.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1691349285&t=event&ni=1&_s=2&dl=https%3A%2F%2Fabovethefold.live%2F&ul=en-us&de=UTF-8&dt=Hey%20%23GoogleGirl!%20Digital%20Marketing%20%26%20Training%20by%20Above%20the%20Fold&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Google%20Optimize&ea=At1IZMbFQhmerPis8ZsF5Q&_u=aGDAAUABAAAAAC~&jid=&gjid=&cid=325362770.1657015666&tid=UA-107069184-1&_gid=1699872403.1657015666&gtm=2ou6t0&z=918741804

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 16:32:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63321
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 65ms
19ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-107069184-1&cid=325362770.1657015666&jid=1104336435&gjid=1020952117&_gid=1699872403.1657015666&_u=aGDAAUABAAAAAC~&z=1304989025

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://abovethefold.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 05 Jul 2022 10:07:46 GMT
content-type: text/plain
access-control-allow-origin: https://abovethefold.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 248 B
393 B 175ms
168ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=650628205&u=https%3A%2F%2Fabovethefold.live%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.28
Resource Hash: 6780bcbe70cff40f8b8ce0d709d440fff10e0238f601cee390f23e4bf42514d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.28
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 48
cf-ray: 725f4babab742373-ZRH

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 45ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KZPL124R4F&gtm=2oe6t0&_p=1691349285&_z=ccd.v9B&cid=325362770.1657015666&ul=en-us&sr=1600x1200&_s=1&sid=1657015666&sct=1&seg=0&dl=https%3A%2F%2Fabovethefold.live%2F&dt=Hey%20%23GoogleGirl!%20Digital%20Marketing%20%26%20Training%20by%20Above%20the%20Fold&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KZPL124R4F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 10:07:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://abovethefold.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 47ms
30ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-107069184-1&cid=325362770.1657015666&jid=1104336435&_u=aGDAAUABAAAAAC~&z=499241177

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 10:07:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 59ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-107069184-1&cid=325362770.1657015666&jid=1104336435&_u=aGDAAUABAAAAAC~&z=499241177

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 10:07:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 36ms
11ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=640421303012582&ev=PageView&dl=https%3A%2F%2Fabovethefold.live%2F&rl=&if=false&ts=1657015666600&sw=1600&sh=1200&v=2.9.5&r=c2&ec=0&o=30&fbp=fb.1.1657015666599.7065810&it=1657015666392&coo=false&rqm=GET

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 05 Jul 2022 10:07:46 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 366 KB
145 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le875QUAAAAABwE_IdjNFreqHcjWnvj3gE6pEB1&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://abovethefold.live/
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 09:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 09:54:24 GMT

GET
H2 200 detector.js Show response
c.plerdy.com/public/js/click/ 23 KB
6 KB 34ms
24ms Script
application/javascript 2606:4700:20::681a:e5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.plerdy.com/public/js/click/detector.js
Requested by: Host: d.plerdy.com
URL: https://d.plerdy.com/public/js/click/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c78a1fc01e491f4afaa0463bef500cc48dd125bb623fad5714789963e6010342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2831
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 18:56:08 GMT
server: cloudflare
etag: W/"62c337c8-5a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMORxgWAFKQ4OFFhpM1QB9nf6wLGjytlXyb2q%2Bx5g1%2F07gMCHu7yv1OyYGZ%2FblycFjb1cb1eMti8t0W387hHxVBX0IVgA9V3ry81oNQURTDU9p21XsetQPMcE2Ge6W7856dhSYv%2FUsM5yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 725f4bacaff9baf7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 m-outer-6262077c14f753400d607dc30e70f1af.html Show response
js.stripe.com/v3/ Frame A23D 240 B
549 B 9ms
9ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://abovethefold.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2128918
cache-control: max-age=31536000
content-encoding: br
content-length: 139
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Jul 2022 10:07:46 GMT
etag: "6262077c14f753400d607dc30e70f1af"
last-modified: Fri, 10 Jun 2022 18:43:47 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 817015
x-content-type-options: nosniff
x-request-id: 96d4da68-d22e-4de7-b4f5-902f1c208a05
x-served-by: cache-hhn4047-HHN

GET
H3 200 FFF_Above-the-Fold-w-arrow-compressed-e1546134817192.png.webp
abovethefold.live/wp-content/uploads/2018/12/ 6 KB
6 KB 97ms
96ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2018/12/FFF_Above-the-Fold-w-arrow-compressed-e1546134817192.png.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 0f09a9b352cbec17b16917d0ae0bfe3e5fef39418a97cb47d87864bf00e756a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 01:30:51 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6318
expires: Wed, 05 Jul 2023 16:07:46 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame A23D 0
571 B 552ms
158ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 2915.json Show response
script.crazyegg.com/pages/data-scripts/0075/ 6 KB
2 KB 176ms
152ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0075/2915.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0075/2915.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa04b3ae8b8b9dd0ec2d2fe81b219d53c2cad8c8b6efc870f6ffae261e8ea679

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 725f4bae081c01f8-ZRH
ce-version: 11.1.455
content-length: 1449
last-modified: Tue, 05 Jul 2022 10:07:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A23D 1 KB
800 B 6ms
6ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 45
x-cache: HIT
content-length: 670
etag: "77711798ecf99b8bb8207cf88a10d73c"
x-request-id: 4f2316b1-6675-47f3-bded-35eb2cd93349
x-served-by: cache-hhn4047-HHN
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 21:55:39 GMT
server: Fastly
date: Tue, 05 Jul 2022 10:07:46 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 65

GET
H3 200 garyweisbrodt-for-Above-the-Fold-Canada-e1579455377892-140x140.jpg.webp
abovethefold.live/wp-content/uploads/2017/11/ 1 KB
1 KB 102ms
102ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2017/11/garyweisbrodt-for-Above-the-Fold-Canada-e1579455377892-140x140.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: fc48b9ab96cfc8d1e3476fe821803e166e46c87ecaf59f7287dc6b55cd976a75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 03:00:07 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1126
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 Sherry-Knight-e1579454628716_0613d3a75c97fe31a71c76e29854fa1a-140x140.jpg.webp
abovethefold.live/wp-content/uploads/2017/12/ 3 KB
3 KB 102ms
100ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2017/12/Sherry-Knight-e1579454628716_0613d3a75c97fe31a71c76e29854fa1a-140x140.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 74c239787985f479c353c6ac93e84eaa82ef8eb9f771d7532fe9d6709c785f0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 02:30:13 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2824
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 LogoStoonLargePurple-e1579455247607.png.webp
abovethefold.live/wp-content/uploads/2018/02/ 5 KB
5 KB 107ms
105ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2018/02/LogoStoonLargePurple-e1579455247607.png.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 048d4668004c2642e3c4d228c7adfa972e33025191c4f475d97ea4aeddd223e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 02:30:58 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4878
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 RMichon-480x551-261x300_b1359a92dbdfe251cabe8b0a344236a3-140x140.jpg.webp
abovethefold.live/wp-content/uploads/2017/12/ 3 KB
3 KB 108ms
106ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2017/12/RMichon-480x551-261x300_b1359a92dbdfe251cabe8b0a344236a3-140x140.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 047a1d5b6ffbdc2591ded8d497395b7a5b316406ea5b26fae57fa3bcfebf4a9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 03:00:08 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3418
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 regina-sask-january-7-2017-jim-aho-stands-near-the_b594dfc9dd1ce467dcf462f477e7ed7f-140x140.jpg.webp
abovethefold.live/wp-content/uploads/2017/11/ 2 KB
2 KB 107ms
105ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2017/11/regina-sask-january-7-2017-jim-aho-stands-near-the_b594dfc9dd1ce467dcf462f477e7ed7f-140x140.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 3e82120a2f23079107681f967b0a076db96fb9a750e660a848ed2790d25fd1da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 03:00:09 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2348
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 Roxanne-Brown-Jewellry-e1579455268168.jpg.webp
abovethefold.live/wp-content/uploads/2018/02/ 10 KB
10 KB 107ms
105ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2018/02/Roxanne-Brown-Jewellry-e1579455268168.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 1ebb36e49aab584f0c49c022a1032db2e2fd845c06e691b04bf15dd6f2e51710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 02:31:00 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 10658
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 Healthier-Lifestyles-for-Above-the-Fold-Canada_edda1b50c7863986cbd52e670a8deefc-140x140.jpg.webp
abovethefold.live/wp-content/uploads/2017/11/ 4 KB
4 KB 103ms
102ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2017/11/Healthier-Lifestyles-for-Above-the-Fold-Canada_edda1b50c7863986cbd52e670a8deefc-140x140.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: df6b32865fc99b7c2fd8c5cf0941a5136d3e376b19851863f7adb73e9345ede4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 03:00:05 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4030
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 Luke-Rossmo-for-Above-the-Fold-Canada-300x270_47cb9559da3a3cdc5c1bb567e1923a9a-140x140.jpg.webp
abovethefold.live/wp-content/uploads/2017/11/ 3 KB
3 KB 105ms
103ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2017/11/Luke-Rossmo-for-Above-the-Fold-Canada-300x270_47cb9559da3a3cdc5c1bb567e1923a9a-140x140.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: c739da22e31d0d28769ecd10ed665e6c83a3e301be39602d4b422957c4e17376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 03:00:07 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2746
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 Cascadia-Dog-Training-300x300_fe5c0a640bf0b48d6f45040c4ac20629-140x140.png.webp
abovethefold.live/wp-content/uploads/2018/02/ 4 KB
4 KB 104ms
102ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2018/02/Cascadia-Dog-Training-300x300_fe5c0a640bf0b48d6f45040c4ac20629-140x140.png.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 653a86a94df17e358609b9d2e90658b7afd12e291872873b9d53623db233b2c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 02:30:58 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4328
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 Humanly-Branding-Marketing-e1579455560688.png.webp
abovethefold.live/wp-content/uploads/2018/01/ 5 KB
5 KB 104ms
103ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2018/01/Humanly-Branding-Marketing-e1579455560688.png.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 88ec599d965fcd370a410862895fe70438e2b89fe52a2617d4cb14536c74a71b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 03:00:09 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 5328
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 Connections-for-Above-the-Fold-Canada.jpg.webp
abovethefold.live/wp-content/uploads/2017/11/ 8 KB
8 KB 104ms
103ms Image
image/webp 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/uploads/2017/11/Connections-for-Above-the-Fold-Canada.jpg.webp
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 1db2d4a2105be0c819790fdc3be85fede728fdda6087da004d18077bc1215def

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:46 GMT
last-modified: Sat, 12 Dec 2020 03:00:04 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 7982
expires: Wed, 05 Jul 2023 16:07:46 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4BAE 41 KB
21 KB 30ms
30ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le875QUAAAAABwE_IdjNFreqHcjWnvj3gE6pEB1&co=aHR0cHM6Ly9hYm92ZXRoZWZvbGQubGl2ZTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=apw0ufmvyqlb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7363417e660fa2357c98c9f3e04d37d2d41ca85cc3117e18894367ed246af3b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qY7SKQybnoVfpQEPvvRG4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abovethefold.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21803
content-security-policy: script-src 'report-sample' 'nonce-qY7SKQybnoVfpQEPvvRG4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 10:07:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
362 B 172ms
133ms Script
text/javascript 2606:4700:4400::ac40:9197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=650628205&prismid=3afb7824-3d24-4502-bc76-5fa6ded3320a&url=https%3A%2F%2Fabovethefold.live%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.1.33
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 725f4baedf3ecc56-ZRH
content-length: 0

GET
H3 200 main2.js Show response
c.plerdy.com/public/js/click/ 377 KB
95 KB 61ms
34ms Script
application/javascript 2606:4700:20::681a:f5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.plerdy.com/public/js/click/main2.js?v=17
Requested by: Host: d.plerdy.com
URL: https://d.plerdy.com/public/js/click/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb28f393677665433e3af5c77e827998356a56ef32fdac90d1986dd4991fcde2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2836
cf-polished: origSize=386278
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Jul 2022 18:56:08 GMT
server: cloudflare
etag: W/"62c337c8-5e4e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlPLBZ0JAMryY5EZwo%2B04ij5iLZjK64wzOT5mmaLQRrOL4ynOgs8%2Bip%2FZlRYHJeKT2D%2BXhKHOqwt36%2Br4NeM3bXthB0l2JATFfdqNrhGAmJBy%2FqimemgDmDhsTBRnT0VjcS5O4QyapzzZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-ray: 725f4baecf8583a2-MXP
cf-bgj: minify

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 24FE 930 B
1 KB 10ms
10ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Jul 2022 10:07:46 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 53
x-content-type-options: nosniff
x-request-id: d12657db-ea13-42b7-8625-dd52385d9a31
x-served-by: cache-hhn4047-HHN
x-timer: S1657015667.985041,VS0,VE0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 4BAE 51 KB
24 KB 25ms
9ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le875QUAAAAABwE_IdjNFreqHcjWnvj3gE6pEB1&co=aHR0cHM6Ly9hYm92ZXRoZWZvbGQubGl2ZTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=apw0ufmvyqlb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 09:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 09:25:09 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 4BAE 366 KB
145 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 09:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 09:54:24 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 24FE 0
344 B 410ms
158ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 10:07:47 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 24FE 86 KB
16 KB 8ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 276
x-cache: HIT
content-length: 16031
x-request-id: 2b65c3f9-3487-4dcc-aa2f-a7f87fb33b0f
x-served-by: cache-hhn4047-HHN
server: Fastly
x-timer: S1657015667.016238,VS0,VE0
date: Tue, 05 Jul 2022 10:07:47 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 344

GET
H3 200 chevron-left-solid.svg
abovethefold.live/wp-content/plugins/strong-testimonials/public/svg/ 482 B
349 B 97ms
97ms Image
image/svg+xml 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/plugins/strong-testimonials/public/svg/chevron-left-solid.svg
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-buttons.css?ver=2.51.9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: 5399d593d92642f8ef2b20ab26cdd615a70d2ecf029d5c52a1fc8b3813cf29e8

Request headers

Referer: https://abovethefold.live/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-buttons.css?ver=2.51.9
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 05:02:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 267
expires: Wed, 05 Jul 2023 16:07:47 GMT

GET
H3 200 chevron-right-solid.svg
abovethefold.live/wp-content/plugins/strong-testimonials/public/svg/ 527 B
307 B 97ms
95ms Image
image/svg+xml 108.62.0.112
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abovethefold.live/wp-content/plugins/strong-testimonials/public/svg/chevron-right-solid.svg
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-buttons.css?ver=2.51.9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.62.0.112 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: wa01.skystracloud.com
Software: LiteSpeed /
Resource Hash: c4b25cd117c2010382d4d9bf2867f9644aff5058da3650ede80797a5565de549

Request headers

Referer: https://abovethefold.live/wp-content/plugins/strong-testimonials/public/css/slider-controls-sides-buttons.css?ver=2.51.9
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 05:02:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 285
expires: Wed, 05 Jul 2023 16:07:47 GMT

GET
H2 200 11.1.455.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 86 KB
28 KB 22ms
21ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0075/2915.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ca48df6d8db3e41cb4ab81fd3d2dfe447e8ef2950e0a21ea29b759b93116d2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2022 04:57:06 GMT
server: cloudflare
age: 76169
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 725f4baf39dd0200-ZRH
content-length: 28087

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4BAE 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 572879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 05 Jul 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4BAE 15 KB
15 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 600582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Jun 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4BAE 15 KB
15 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 572879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Jun 2023 18:59:48 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 24FE 156 B
523 B 509ms
194ms XHR
application/json 54.148.100.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.100.42 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-100-42.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b60fb08c8c6b5b11c013272699649840b48a91357ca36e7c0f12046ddace0579

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0AC0 0
18 B 18ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://abovethefold.live
Referer: https://abovethefold.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://abovethefold.live
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 10:07:47 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 2915.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0075/ 330 B
287 B 152ms
151ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0075/2915.json?t=460282
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04d101650c356d270731722e2c0fe9e5d6cb861dd771f98465f1fcd328a6af17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 725f4bb09bdc01f8-ZRH
ce-version: 11.1.455
content-length: 199
last-modified: Tue, 05 Jul 2022 10:07:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4BAE 102 B
132 B 15ms
15ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN

Requested by

Host: abovethefold.live
URL: https://abovethefold.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le875QUAAAAABwE_IdjNFreqHcjWnvj3gE6pEB1&co=aHR0cHM6Ly9hYm92ZXRoZWZvbGQubGl2ZTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=apw0ufmvyqlb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Tue, 05 Jul 2022 10:07:47 GMT

GET
H2 200 moosend-tracking.min.js Show response
cdn.stat-track.com/statics/ 73 KB
22 KB 87ms
25ms Script
text/plain 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stat-track.com/statics/moosend-tracking.min.js?ts=5523385
Requested by: Host: abovethefold.live
URL: https://abovethefold.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d54a7b1f225f6465aafa6e0bd1fd1daeb7778827de76fde5a3c15e5566c6e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2022 08:51:40 GMT
server: AmazonS3
x-amz-request-id: GJ7D6CGBR3AGWFV5
etag: "dce0630c0bb3fa3a8d487ccfab5857fa"
x-hw: 1657015667.cds228.lo4.hn,1657015667.cds011.lo4.c
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=3242
accept-ranges: bytes
content-length: 22438
x-amz-id-2: XhuFygWf77m09SBie74+oGuYdpZnpnfhMEdbpQniTQ5A74tdxXC2F6LOpGmAXLINo02FPQWAgRw=

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 121 B
463 B 196ms
157ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e691adceec7650c331f7fa6/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://abovethefold.live/
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb1bdc10200-ZRH

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 76 KB
27 KB 353ms
315ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e691adceec7650c331f7fa6/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://abovethefold.live/
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb1bdbf0200-ZRH

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 206 KB
61 KB 487ms
449ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e691adceec7650c331f7fa6/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5b1592fa8ab8256ceae1cf00cbe53ad23b82f85964514f421492df2a8735d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://abovethefold.live/
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"0022ca6ee8862a21867d497826b1d4ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb1bdba0200-ZRH

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 157 KB
37 KB 467ms
428ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e691adceec7650c331f7fa6/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f0aef9670e1b3f32b79f61f847d0f470c062a9d17ff4c0a8ce2517710ff3411

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://abovethefold.live/
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"a971da9828a19bc856261914c19bc242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb1bdbc0200-ZRH

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 2 KB
1 KB 233ms
194ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e691adceec7650c331f7fa6/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

161f78f0d9ea5a5025a082c14b694df6ca43e2d48db62ee35f3368ff3da02cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://abovethefold.live/
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"a15483b174cf94cb489a53ce9789161d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb1bdb70200-ZRH

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 151 B
451 B 201ms
163ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e691adceec7650c331f7fa6/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://abovethefold.live/
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb1bdc40200-ZRH

GET
H2 200 2-above-the-fold-create-raving-fans-for-your-business-32086.css
seal-sask.bbb.org/logo/ 3 KB
878 B 102ms
102ms Stylesheet
text/css 54.166.84.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://seal-sask.bbb.org/logo/2-above-the-fold-create-raving-fans-for-your-business-32086.css
Requested by: Host: seal-sask.bbb.org
URL: https://seal-sask.bbb.org/logo/above-the-fold-create-raving-fans-for-your-business-32086.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.84.155 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-166-84-155.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 6a2b14ca50e612d4564e626e540e592548a258de0352e25fd0b5c3862d803b68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 05 Jul 2022 10:07:47 GMT
server: Apache
etag: 2b7268043c31d31ae6238aea62b2c7ec
node: One-EC2-Seal
content-type: text/css
content-disposition: inline; filename="styles-for-32086.css"
content-length: 613
expires: Tue, 05 Jul 2022 22:07:47 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
421 B 57ms
6ms XHR
binary/octet-stream 99.86.4.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-21.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 10:11:21 GMT
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 7516587
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: RcXNXSDzLsf2kblLDx8Qrw7STQFGMrxESyCuHBalDCV_H-viL7y9LQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
419 B 31ms
6ms XHR
binary/octet-stream 99.86.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-38.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 00:59:39 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 2884088
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: 4KHdV63yRFirOv8PjXeVnEZ5HwVFvSeDFu4NBXAAQbo7o6ZRmlyPZg==

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 4BAE 32 KB
18 KB 84ms
83ms XHR
application/json 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Le875QUAAAAABwE_IdjNFreqHcjWnvj3gE6pEB1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ad90039823b4c649f88b94f3fcaf8ae67f1d3094ad9ef3217385ff9f3adc06d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le875QUAAAAABwE_IdjNFreqHcjWnvj3gE6pEB1&co=aHR0cHM6Ly9hYm92ZXRoZWZvbGQubGl2ZTo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=apw0ufmvyqlb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18409
x-xss-protection: 1; mode=block
expires: Tue, 05 Jul 2022 10:07:47 GMT

GET
BLOB 200
OK a7038fc3-2ad8-4807-884f-48991cc8e2eb
https://abovethefold.live/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://abovethefold.live/a7038fc3-2ad8-4807-884f-48991cc8e2eb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

POST
H3 200 save_statistic Show response
d.plerdy.com/click/admin/ 176 B
713 B 97ms
77ms XHR
text/html 2606:4700:20::681a:e5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.plerdy.com/click/admin/save_statistic
Requested by: Host: c.plerdy.com
URL: https://c.plerdy.com/public/js/click/main2.js?v=17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccb5e6bf3d877d41c3adfb5dbb292dfc22e23c2e941895154994b1795b0af96d

Request headers

Referer: https://abovethefold.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6g8SEUA%2FH4HW8z0825Vx28uWGIp8hTtAQ1rp7zSYfB3rJeOhzwLhUUp05MDRXSWLeLWvoSkI90aBuvf52627SGLvTjpHXMYek1rIn39x6SxVvSpYEQcr0h43ZPUhss6XcwkMVFo08NKm%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, private
cf-ray: 725f4bb22b7ebab8-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 05 Jul 2022 10:07:47 GMT

OPTIONS
H2 204 f8b5a8ca3c424f6fad8e580e06a7b265
forms.m-pages.com/api/forms/ Frame 0
0 53ms
11ms Preflight 136.243.111.146
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.m-pages.com/api/forms/f8b5a8ca3c424f6fad8e580e06a7b265
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.111.146 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.146.111.243.136.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://abovethefold.live
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
date: Tue, 05 Jul 2022 10:07:47 GMT
server: Microsoft-IIS/10.0

POST
H2 200 f8b5a8ca3c424f6fad8e580e06a7b265 Show response
forms.m-pages.com/api/forms/ 44 KB
10 KB 73ms
73ms XHR
application/json 136.243.111.146
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.m-pages.com/api/forms/f8b5a8ca3c424f6fad8e580e06a7b265
Requested by: Host: cdn.stat-track.com
URL: https://cdn.stat-track.com/statics/moosend-tracking.min.js?ts=5523385
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.111.146 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.146.111.243.136.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 021f4e5c7ed58f570517be08cd9ee4c4c5ee25a219eff124866769e63ec15a83

Request headers

Accept: application/json
Referer: https://abovethefold.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
server: Microsoft-IIS/10.0
vary: Accept-Encoding
content-type: application/json; charset=utf-8

POST
H/1.1 200
OK track Show response
t.stat-track.com/ 40 B
506 B 45ms
44ms XHR
application/json 212.32.243.52
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.stat-track.com/track

Requested by

Host: cdn.stat-track.com
URL: https://cdn.stat-track.com/statics/moosend-tracking.min.js?ts=5523385

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.32.243.52 Dieren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

Resource Hash

97285e9d81d76d6dcd265be08c561c2b7379928e9fa9d3ca49110af6382c0d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://abovethefold.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 05 Jul 2022 10:07:47 GMT
X-Frame-Options: DENY
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
X-Xss-Protection: 1; mode=block
X-Server-ID: 2
Cache-Control: private
X-Robots-Tag: noindex, nofollow
Vary: Accept
Content-Length: 40
X-Content-Type-Options: nosniff

OPTIONS
H/1.1 204
No Content track
t.stat-track.com/ Frame 0
0 48ms
14ms Preflight 212.32.243.52
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.stat-track.com/track
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.32.243.52 Dieren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://abovethefold.live
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, OPTIONS, DELETE
Access-Control-Allow-Origin: *
Date: Tue, 05 Jul 2022 10:07:47 GMT
X-Robots-Tag: noindex, nofollow
X-Server-ID: 2

GET
H2 200 clock Show response
tracking.crazyegg.com/ 27 B
134 B 139ms
57ms XHR
text/plain 34.250.171.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1657015667550
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.171.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-171-64.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 11e32429acffc7ff725aeee8b1ef3993dd3e6dbb39b0bf6d963b4c8d2f9b4da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Jul 2022 10:07:47 GMT
cache-control: no-store
server: awselb/2.0
content-length: 27
content-type: text/plain

GET
H2 200 plerdy_seo_rules.js Show response
a.plerdy.com/public/screens/10861/ 40 B
369 B 54ms
44ms Script
application/javascript 2606:4700:20::681a:e5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.plerdy.com/public/screens/10861/plerdy_seo_rules.js?v=0.3792722789294489
Requested by: Host: c.plerdy.com
URL: https://c.plerdy.com/public/js/click/main2.js?v=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3afb23443f3e036ec0cbbf3027243e1832fdb54611b7cf86bf5b7cd3f1356617

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 11 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/"613cdbb5-28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FRgQOpMHxEqWh0W6V%2BPeF%2BIHsKhbzFtNQXNGDgsdZgpg7rYNZb0dH2tlQcDldCrYaMJeg%2B%2FCYU761hqEXkJ6vIhY3R18EpMhe7CaFD2xPtLITfJx3B9R%2FU%2BvNpA0QZsLLhCe63NxJusBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 725f4bb2aa4fbaf7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plerdy_video_rules.js Show response
a.plerdy.com/public/screens/10861/ 25 B
325 B 50ms
41ms Script
application/javascript 2606:4700:20::681a:e5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.plerdy.com/public/screens/10861/plerdy_video_rules.js?v=0.22934648670727942
Requested by: Host: c.plerdy.com
URL: https://c.plerdy.com/public/js/click/main2.js?v=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1753ae72ef1c45a8099356664234523f8ddf0be45efc04e018f5745f06d56d12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 09 May 2022 20:44:06 GMT
server: cloudflare
etag: W/"62797d16-19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVURnhDSbSpd7%2BKcZBwKWn56Y3CoHPNKPiXWgojIJOie8nWW4jV7B2u36jzxWJCUO6AdY2a6vLauV0V8r%2BAACHNZpqYXLxj1Xrzg1wegI3mkvkQwHXCwrZfEuC5n5ykYG4WY1k71Nji3mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 725f4bb2aa4dbaf7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plerdy_ga_events.js Show response
a.plerdy.com/public/screens/10861/ 23 B
379 B 48ms
39ms Script
application/javascript 2606:4700:20::681a:e5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.plerdy.com/public/screens/10861/plerdy_ga_events.js?v=0.3441751020627537
Requested by: Host: c.plerdy.com
URL: https://c.plerdy.com/public/js/click/main2.js?v=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a958c06085a4eda7c1b1ba959c75ac359e812f706f15a8aa48a42e8ad66cd0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 09 May 2022 20:44:06 GMT
server: cloudflare
etag: W/"62797d16-17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrSHIe6jBzM3Pr4D%2BLlYultgASvWYIb8sX%2FTjrKl3fVF%2BNI90xGslHleMvACoYz5X%2BgCyLTlqSM6uJ0g8B5NIiH6wqeLHMJG29sfgn0U97seXEuBEUWyuw3GO8MJIDCh60HIzHIxmAgwyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 725f4bb2aa51baf7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 data_plerdy_form.js Show response
a.plerdy.com/public/screens/10861/data/ 30 B
354 B 51ms
42ms Script
application/javascript 2606:4700:20::681a:e5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.plerdy.com/public/screens/10861/data/data_plerdy_form.js?v=0.5399087558524449
Requested by: Host: c.plerdy.com
URL: https://c.plerdy.com/public/js/click/main2.js?v=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 695416b31735c81c78a208c552c48e63188a73afcbe2bdc94fb67136d03bff8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 09 May 2022 20:46:00 GMT
server: cloudflare
etag: W/"62797d88-1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTcNUVnIDRfLc2zMh6qz1o%2BPgYeimYX%2FgAscOOj30lX7cWfTveq98kJboeCAilavxili%2BHMbqHMn3LFf8T2TxvsCSSESFwdWHHvtM4Igv84%2Bj82%2Fd5A7IECfPRHoN0aR2iaNLY9L5avQwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 725f4bb2aa53baf7-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ip Show response
d.plerdy.com/click/ 61 B
639 B 56ms
56ms XHR
text/html 2606:4700:20::681a:e5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.plerdy.com/click/ip?params=%7B%0A%20%20%22site_url%22%3A%20%22abovethefold.live%22%2C%0A%20%20%22ip_visitor%22%3A%20%22%22%2C%0A%20%20%22position%22%3A%20%5B%5D%2C%0A%20%20%22page_url%22%3A%20%22https%3A%2F%2Fabovethefold.live%2F%22%2C%0A%20%20%22user_hash%22%3A%20%227feeee3dde745a7abbb5efadce710e1e%22%2C%0A%20%20%22suid%22%3A%2010861%2C%0A%20%20%22plerdy_url%22%3A%20%22https%3A%2F%2Fd.plerdy.com%2Fclick%2F%22%2C%0A%20%20%22device%22%3A%20%22desktop%22%2C%0A%20%20%22cookie_form%22%3A%20%22%22%2C%0A%20%20%22doingrequest%22%3A%200%2C%0A%20%20%22tag_name%22%3A%20%5B%5D%2C%0A%20%20%22el_on_click%22%3A%20%5B%5D%2C%0A%20%20%22class_name%22%3A%20%5B%5D%2C%0A%20%20%22node_number%22%3A%20%5B%5D%2C%0A%20%20%22click_number%22%3A%20%5B%5D%2C%0A%20%20%22reserve_selector%22%3A%20%5B%5D%2C%0A%20%20%22class_list%22%3A%20%5B%5D%2C%0A%20%20%22id_list%22%3A%20%5B%5D%2C%0A%20%20%22page_title%22%3A%20%22Hey%20%23GoogleGirl!%20Digital%20Marketing%20%26%20Training%20by%20Above%20the%20Fold%22%2C%0A%20%20%22plerdy_url0%22%3A%20%22https%3A%2F%2Fd.plerdy.com%2F%22%2C%0A%20%20%22plerdy_url_live%22%3A%20%22https%3A%2F%2Fd.plerdy.com%2F%22%2C%0A%20%20%22plerdy_url_save%22%3A%20%22https%3A%2F%2Fd.plerdy.com%2Fclick%2F%22%2C%0A%20%20%22plerdy_url_save_test%22%3A%20%22https%3A%2F%2Fd.plerdy.com%2Fclick_test%2F%22%2C%0A%20%20%22traffic_source%22%3A%20%22direct%22%2C%0A%20%20%22id_page%22%3A%201%2C%0A%20%20%22country_code%22%3A%20%22DE%22%0A%7D&cooki=%5B%5D&ip_a=1

Requested by

Host: c.plerdy.com
URL: https://c.plerdy.com/public/js/click/main2.js?v=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a714253d32cc7683d3407283f19f09e219e959a0c3bb19c40169f4d9e6fe6f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJ9ZHPLoJcPq55JLRZ2aURGeM8mQoV69mPamxqsi%2FuzE04ZbHsTJATUCZPA1Jm0%2F2IyEXF9LRwy1HC8FWF1Taa22QK7JuPlGAJJgO7mrqBGK67pv8Utk53SxgDNpBK3NRBU6hfSuwHJNiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0
cf-apo-via: origin,host
cf-ray: 725f4bb2fce7bab8-MXP
expires: Tue, 05 Jul 2022 10:07:47 GMT

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 166ms
165ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5e691adceec7650c331f7fa6&widgetId=default&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

792eb4ca91e955e26a7f93afe2ad83d0ab8084c75b18bc6cca6ad5b38160b60a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-jqpj
server: cloudflare
etag: W/"2-91-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 725f4bb4cf6a2355-ZRH
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 232ms
211ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b30cfe0dfdace88e38ec955cdbb94f1a2fe3322b691e79e2230bad7207346646

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://abovethefold.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-jx6g
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://abovethefold.live
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 725f4bb60e5ccc62-ZRH
access-control-allow-headers: content-type,x-tawk-token

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 172ms
172ms Preflight 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://abovethefold.live
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://abovethefold.live
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 725f4bb4df7d2355-ZRH
date: Tue, 05 Jul 2022 10:07:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-cq6f

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/languages/ 16 KB
4 KB 45ms
28ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2a37b3244a9a215cc8c90b8bc11388c4fd8b2dd23d415acfccf16e3224250d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1493194
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:37 GMT
server: cloudflare
etag: W/"5a13c5b16c3caf8b986d6b915fd4b13e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb5ee41cc62-ZRH

GET
H3 200 twk-chunk-2d0d2b7c.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 7 KB
2 KB 26ms
26ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fee6dec9e7d648ac6be3c030ffc99fd2ac5f73398212f4cb2e43d7cdc28282ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1493200
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"1180d712a02848854eab38e1736e2616"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb76ffccc62-ZRH

GET
H3 200 twk-chunk-696bc286.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 16 KB
5 KB 23ms
23ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-696bc286.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9014e413a2ed0a5b777c417873a254729ce6bb5fdca039a4dd5abd04417db98d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1493203
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"6712af3933a068dc9ca1293e0c2c828f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb76ffdcc62-ZRH

GET
H3 200 twk-chunk-f1596d96.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 10 KB
4 KB 24ms
23ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-f1596d96.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a902d8d0bf4615e985f80c1e6fa38147d341124ae44a7927e15a632c0eb3d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1493199
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"325d67a45c137803b4f8bd4d47afffed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb76ffecc62-ZRH

GET
H3 200 twk-chunk-48f46bef.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 16 KB
5 KB 35ms
34ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-48f46bef.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08b53c5a235af3613d1964d3678ac26432071b1eae951590b84f14ea839a5678

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1493199
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"601eb77cd91dcb708add40ebe9d149e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb76800cc62-ZRH

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 942 B
780 B 23ms
23ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1493199
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb76802cc62-ZRH

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 546 B
669 B 23ms
23ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1493200
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"09c3819d373bd4178a620d721429fada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb76803cc62-ZRH

GET
H3 200 twk-chunk-f163fcd0.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 11 KB
4 KB 34ms
34ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-f163fcd0.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1493200
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"5d825157bfbb4872b9ce8ea19e5eb7e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb76804cc62-ZRH

GET
H3 200 twk-chunk-32507910.js Show response
embed.tawk.to/_s/v4/app/62835fee0eb/js/ 70 KB
16 KB 35ms
34ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-32507910.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b601109f6454a4cdb28a089947fbaefcce2e471efcfdc60cc6869c9c36417e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1493200
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"006d5eeef6485daa02180491bbfb5485"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb76805cc62-ZRH

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/62835fee0eb/css/ Frame 788C 24 KB
5 KB 30ms
29ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1493199
cf-polished: origSize=25050
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"ca07acfc9643befa104a07a93067f7c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb7b860cc62-ZRH
cf-bgj: minify

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/62835fee0eb/css/ Frame 2BAD 13 KB
3 KB 25ms
25ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1493199
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb7c873cc62-ZRH
cf-bgj: minify

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/62835fee0eb/css/ Frame 1329 37 KB
8 KB 29ms
28ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1493199
cf-polished: origSize=37650
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"792b46302ed8c4acdf03169ba30069fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb7d88fcc62-ZRH
cf-bgj: minify

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/62835fee0eb/css/ Frame E0BA 73 KB
14 KB 25ms
25ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/62835fee0eb/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-2d0d2b7c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef158b41b948a026674ff4d4780d40958e066c3c79b40748d091bb8123a9da6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1493199
cf-polished: origSize=74594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 17 May 2022 08:44:36 GMT
server: cloudflare
etag: W/"0d4a703e4e6f73ee4b1a0e152481a4c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 725f4bb7e8becc62-ZRH
cf-bgj: minify

GET
H3 200 css
fonts.googleapis.com/ Frame 788C 7 KB
592 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/min-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 08:20:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Jul 2022 10:07:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Jul 2022 10:07:48 GMT

GET
H2 200 56f7a61eab49275e55876b9fb793199f3647950b
tawk.link/5e691adceec7650c331f7fa6/var/chat_bubble/ Frame 2BAD 26 KB
26 KB 767ms
721ms Image
application/octet-stream 2606:4700:20::681a:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tawk.link/5e691adceec7650c331f7fa6/var/chat_bubble/56f7a61eab49275e55876b9fb793199f3647950b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ba6b66516c937b52df06d8e53fa7844d4cc06d91f95340067f86ea1ce2d2bf98

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:49 GMT
cf-cache-status: MISS
last-modified: Tue, 05 Jul 2022 10:07:49 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uR2o%2FajQGOUotsEdIEzNIVR4ejt9VdktdeS8THbl2FC0LCxJ3ZdaziqvbY3Ilfkuhz59eqkunfPVbU55bFKsmoq2J%2BzoOnfq5%2FzNitN%2B5u7OlNfMYR8gxQFkw8K6aKWdVwMhGyWSEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=600
cf-ray: 725f4bb84bcbbaf7-MXP

GET
H3 200 css
fonts.googleapis.com/ Frame 1329 7 KB
592 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/message-preview.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 08:31:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Jul 2022 10:07:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Jul 2022 10:07:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E0BA 7 KB
592 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/css/max-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://embed.tawk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 05 Jul 2022 09:13:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 05 Jul 2022 10:07:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Jul 2022 10:07:48 GMT

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
39 KB 52ms
25ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 10:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9161170
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19182-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oO9iEgaqyA%2B46%2FBgf4KSUAg4O1%2Fb2cuLiwi%2BFMICLE5h%2FBHKr34i72EIpKDUHGSvog%2BYyq07QKtOFknk6GkbVos2fNlgTn5hso40bsza88xficc8HSTTdi7OvEjRyEUDr6hcS2UzfJXlGl3p8PY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 725f4bb85e6601e3-ZRH

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 788C 23 KB
23 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://abovethefold.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 579579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 17:08:09 GMT

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
347 B 177ms
177ms Fetch
text/html 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/62835fee0eb/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://abovethefold.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 05 Jul 2022 10:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-3l06
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://abovethefold.live
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 725f4bbc1e080200-ZRH
access-control-allow-headers: content-type,x-tawk-token

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 158ms
158ms Preflight 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://abovethefold.live
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://abovethefold.live
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 725f4bbb1c890200-ZRH
date: Tue, 05 Jul 2022 10:07:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-mwwd

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 31ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KZPL124R4F&gtm=2oe6t0&_p=1691349285&_z=ccd.v9B&cid=325362770.1657015666&ul=en-us&sr=1600x1200&_s=2&sid=1657015666&sct=1&seg=1&dl=https%3A%2F%2Fabovethefold.live%2F&dt=Hey%20%23GoogleGirl!%20Digital%20Marketing%20%26%20Training%20by%20Above%20the%20Fold&en=page_view&_ee=1&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KZPL124R4F&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://abovethefold.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Jul 2022 10:07:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://abovethefold.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
abovethefold.live/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: abovethefold.live
URL: https://abovethefold.live/

Verdicts & Comments Add Verdict or Comment

359 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 08:36:07	Name: _GRECAPTCHA Value: 09AE5b5t3volQ0Xhv6K_JKsUOzlKKXjC7moDiqV59XT40YAnakm3bwFfYYhkHqRXzwQpxtAhqhdFGM2AUkjU552qg
.abovethefold.live/	1970-01-20 04:18:22	Name: _gid Value: GA1.2.1699872403.1657015666
.abovethefold.live/	1970-01-20 04:16:55	Name: _gat Value: 1
.abovethefold.live/	1970-01-20 04:16:55	Name: _gat_gtag_UA_107069184_1 Value: 1
.abovethefold.live/	1970-01-20 21:48:07	Name: _ga Value: GA1.1.325362770.1657015666
.abovethefold.live/	1970-01-20 21:48:07	Name: _ga_KZPL124R4F Value: GS1.1.1657015666.1.1.1657015666.0
.abovethefold.live/	1970-01-20 06:26:31	Name: _fbp Value: fb.1.1657015666599.7065810
.linkedin.com/	1970-01-20 05:00:07	Name: UserMatchHistory Value: AQKt-tnMLKKQsgAAAYHN1IdU7rT_SsTjMwkYbQ0IC-QT53Cqr1xCMJ9F8FliVEh1T4OJW3W_ON-vIQ
.linkedin.com/	1970-01-20 05:00:07	Name: AnalyticsSyncHistory Value: AQI8_HXwOoFzrwAAAYHN1IdUKU1WT714oG8Y9TxjoCgwYgjhUOPwIgC7lVspCVbBV0ei2DRODjpFABKm55FUZA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:48:49	Name: bcookie Value: "v=2&98dceaec-9869-4188-8b09-9f66c0a1b8fa"
.linkedin.com/	1970-01-20 04:18:22	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2328:u=1:x=1:i=1657015666:t=1657102066:v=2:sig=AQHDKa1PJj4SDlUftOCYGs388gOpDT92"
.facebook.com/	1970-01-20 06:26:31	Name: fr Value: 0L3fQ7Y2F6gTmGbgN..BixA1y...1.0.BixA1y.
prism.app-us1.com/	1970-01-20 05:00:07	Name: prism_650628205 Value: 3afb7824-3d24-4502-bc76-5fa6ded3320a
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:48:49	Name: bscookie Value: "v=1&20220705100746f5fc311b-aea5-4191-8471-8c9809f88197AQExZ8qwEehaRppUFaccNZOzMou0mabW"
.linkedin.com/	1970-01-20 21:40:53	Name: li_gc Value: MTswOzE2NTcwMTU2NjY7MjswMjEOmV5C/KI+mZGWPlN18Pb8ZyMt+DM5mftRS03S/dJKAw==
.abovethefold.live/	1970-01-20 05:00:07	Name: prism_650628205 Value: 3afb7824-3d24-4502-bc76-5fa6ded3320a
.abovethefold.live/	1969-12-31 23:59:59	Name: cebs Value: 1
.abovethefold.live/	1970-01-20 13:02:31	Name: _ce.s Value: v~2eea8423ce16a7516571f2755844ff31adeb46a7~vpv~0
abovethefold.live/	1970-01-23 19:52:55	Name: uid Value: 5c3ee69abc8c47c1ba3dbeceacda6579
abovethefold.live/	1970-01-20 04:18:22	Name: sessionid Value: c7a32fe390234d0b95009b596c991f66
abovethefold.live/	1969-12-31 23:59:59	Name: exitIntentFlag Value: true
.abovethefold.live/	1969-12-31 23:59:59	Name: cebsp Value: 1
m.stripe.com/	1970-01-20 21:48:07	Name: m Value: 0bd4e08c-33ed-4d63-b27e-36b0cc3591ee11f8e9
.abovethefold.live/	1970-01-20 13:02:31	Name: __stripe_mid Value: 8845bc03-2d1f-4beb-a35e-af74d6f28cfc2f330b
.abovethefold.live/	1970-01-20 04:16:57	Name: __stripe_sid Value: 3a76b416-5e69-4c0f-8930-95b8ca1e045618d393
abovethefold.live/	1969-12-31 23:59:59	Name: twk_idm_key Value: 4IDIgmAWn17jNqMbzo1m5
abovethefold.live/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.abovethefold.live/	1970-01-20 08:36:07	Name: twk_uuid_5e691adceec7650c331f7fa6 Value: %7B%22uuid%22%3A%221.5K8AIyjqW7WUT6ZFbTsCC74NmhO3BPVeImwSfKpBcsJJapIu57spWmNuBuEaIBKGg3sEuEcqeFjWJKF75SsrznPsPWG79gDWnOD2Oak2nOFtfh5laOGR4EANa13LxoXeNYVwcUTzUlq1BQOylwfbTDT%22%2C%22version%22%3A3%2C%22domain%22%3A%22abovethefold.live%22%2C%22ts%22%3A1657015668372%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRS66RG Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.plerdy.com
abovethefold.live
assets-tracking.crazyegg.com
c.plerdy.com
cdn.jsdelivr.net
cdn.stat-track.com
connect.facebook.net
d.plerdy.com
d3rxaij56vjege.cloudfront.net
diffuser-cdn.app-us1.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
forms.m-pages.com
js.stripe.com
m.stripe.com
m.stripe.network
pagestates-tracking.crazyegg.com
prism.app-us1.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
region1.google-analytics.com
script.crazyegg.com
seal-sask.bbb.org
snap.licdn.com
stats.g.doubleclick.net
t.stat-track.com
tawk.link
trackcmp.net
tracking.crazyegg.com
va.tawk.to
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
abovethefold.live
108.62.0.112
13.107.43.14
136.243.111.146
151.101.0.176
151.139.128.11
2001:4860:4802:32::36
212.32.243.52
2606:4700:10::ac43:2642
2606:4700:20::681a:e5c
2606:4700:20::681a:e9e
2606:4700:20::681a:f5c
2606:4700:4400::ac40:9197
2606:4700::6810:5614
2606:4700::6811:915b
2606:4700::6813:9408
2620:1ec:21::14
2a00:1450:4001:806::2003
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:400c:c08::9d
2a02:26f0:480:3::210:ee91
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.250.171.64
54.148.100.42
54.166.84.155
54.187.119.242
65.9.58.170
99.86.4.21
99.86.4.38
0055c95a98112f2b024b240606a69a145018524568fd8e93edf1bf77c6fe1742
021f4e5c7ed58f570517be08cd9ee4c4c5ee25a219eff124866769e63ec15a83
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03f2590278435d8e660cae76d3c900b6223b06dac3f526cc43f66b6213b3b63e
047a1d5b6ffbdc2591ded8d497395b7a5b316406ea5b26fae57fa3bcfebf4a9b
048d4668004c2642e3c4d228c7adfa972e33025191c4f475d97ea4aeddd223e8
04d101650c356d270731722e2c0fe9e5d6cb861dd771f98465f1fcd328a6af17
05227dab17c6764ef8fb42621e86b628a429e32d1ba2b8891574333077e7916b
083af16c4920a7b909ea7445be4d2725fc55a9c322983d08d43b7117d156b650
08b53c5a235af3613d1964d3678ac26432071b1eae951590b84f14ea839a5678
08cf00701980b023a8b18d7c76238941f7ce638312df06471c8f01759d3f57fd
09a760da6074f19fa9bde87a17a4a028c628a5ad55c686149528c10b35caf204
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
0a958c06085a4eda7c1b1ba959c75ac359e812f706f15a8aa48a42e8ad66cd0b
0f09a9b352cbec17b16917d0ae0bfe3e5fef39418a97cb47d87864bf00e756a5
0f0aef9670e1b3f32b79f61f847d0f470c062a9d17ff4c0a8ce2517710ff3411
0feed8c49be4364b55622b9ad28cc535bbfab76a6d81128255833e7634fa2aa1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e32429acffc7ff725aeee8b1ef3993dd3e6dbb39b0bf6d963b4c8d2f9b4da3
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
142b2ea0873ac373f6579f120251c58f610e463530e5242cfdbb869a4bdae3a4
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
15a71d32b340bf3641581ac5b4f37887b9cb3981477d5886ec5849749c8a36e7
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
161f78f0d9ea5a5025a082c14b694df6ca43e2d48db62ee35f3368ff3da02cc1
1753ae72ef1c45a8099356664234523f8ddf0be45efc04e018f5745f06d56d12
17697df2130c596c53c124f4f2bb50a1b653fe1682458ba54aa4fe3d7bdc3720
183ab86c71282d84eab8195ae5cf7163709345d327c053e2a8d2b9a1de63a0e2
1a714253d32cc7683d3407283f19f09e219e959a0c3bb19c40169f4d9e6fe6f4
1a902d8d0bf4615e985f80c1e6fa38147d341124ae44a7927e15a632c0eb3d87
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1db2d4a2105be0c819790fdc3be85fede728fdda6087da004d18077bc1215def
1ebb36e49aab584f0c49c022a1032db2e2fd845c06e691b04bf15dd6f2e51710
202786f9431b359a0ffdd47ae4096cd4e3934476beb43c1844620e8389c42210
22461c72b84fb47535c72e98657348aed96b269f6cd00dd81c82513ef28e6345
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
289ac96339e8c74805f1cb72959ce65000c005b9c1594b0e77aab57eb485abbd
2c0ea284dc5a8f07aec34828f08c893003982966aab47a221e55f6e61c3d3fae
2ef9a0b7735658c436b863ae36c4dec0a5d831988b8fa6c5874e066289afc8c4
2f306230f9b1c1619e0f4827d761cd23b8d3a6d94ab99021d07eae0a2bc3dbc2
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
319f6ac36829b0a184068573ed03320b9bb52dad872f5d1ae4714510b59f5f53
32cf3b4f230561f36956af0ff1babb875cc762e9d0058c3606a23f1f5d729f2c
34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
3afb23443f3e036ec0cbbf3027243e1832fdb54611b7cf86bf5b7cd3f1356617
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e82120a2f23079107681f967b0a076db96fb9a750e660a848ed2790d25fd1da
457280e5fea8ff1176b9750452929bbf623019d7d63aec31e453d1d2eee0ed39
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
4d23593dc137c61dcc776684bac7fd33160070919a16c772327dcdc67fe721e9
4ef158b41b948a026674ff4d4780d40958e066c3c79b40748d091bb8123a9da6
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
51bf690f69b7f117c2652342da5e4b72c9c602413da8ea0ab0d49ed643211950
5399d593d92642f8ef2b20ab26cdd615a70d2ecf029d5c52a1fc8b3813cf29e8
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
59bb7a33c33520c0ba82835503be306a918c33e07aaa068bd597ca7f4ab7a65f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be9ef1a87eb8bbd5da2cb8a9c678e25933fce6c41614814e22a1d6561dfa12b
5cbda29ea5096ac9404c59c77493a2f467d0eb4a27f16c750b61fc0d888dd716
5d107d8cd74bb335f4ac7ae0235f4fe0001176845ba55f7fdfb99c498954eca3
63b79ca8ed3387b082360b95c3b815c961eeaa6891619c8b84b2352a81356560
646a64e5cb9f6c7702c7830ae308bdb9a67b7d20f7c598615695d0a39c01187d
653a86a94df17e358609b9d2e90658b7afd12e291872873b9d53623db233b2c9
6780bcbe70cff40f8b8ce0d709d440fff10e0238f601cee390f23e4bf42514d5
695416b31735c81c78a208c552c48e63188a73afcbe2bdc94fb67136d03bff8f
6a2b14ca50e612d4564e626e540e592548a258de0352e25fd0b5c3862d803b68
6ca48df6d8db3e41cb4ab81fd3d2dfe447e8ef2950e0a21ea29b759b93116d2c
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
6f7ceb172736b2112d74cce83030228eaf98914a167252b27f5ecb47be43a9fc
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
70f712d07bc0922430f626d19312e4869821bd5337f7531e397640c094aee50b
711a5bf82f964b955eb316e671701ad0952b805429e46f8415f767fc9ae8e49c
7363417e660fa2357c98c9f3e04d37d2d41ca85cc3117e18894367ed246af3b1
74c239787985f479c353c6ac93e84eaa82ef8eb9f771d7532fe9d6709c785f0f
74e71b2f5350c0679130c8bc079437cd4a3b59d72e009d414434179eec5cb04e
792eb4ca91e955e26a7f93afe2ad83d0ab8084c75b18bc6cca6ad5b38160b60a
7abd36a2f651330420d86187c125331d679408d1be7b6cd93efa64e08eaf80c7
7adb967745932b25c31da3ef4a92f2b8e166926a7a8476fe8c8c58fc84b95fa3
7c682e08fdf01c281433a50db0249a26e78dbbd228f72b9c7fbc8b0590f89735
7d54a7b1f225f6465aafa6e0bd1fd1daeb7778827de76fde5a3c15e5566c6e68
7e020710c1237614858a16edcf7aeb131a8e6a5178d39c615e9a7c0a23b47da3
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
860a052a02ba7ec1580135d3b8a35feb0e11eebb5990fcf7b7ee6e0745f9f9ea
86a156b80c4342d46aa6bfdf42944e34cd85f5935e38c20bd58445006ca12a96
88ec599d965fcd370a410862895fe70438e2b89fe52a2617d4cb14536c74a71b
8ad90039823b4c649f88b94f3fcaf8ae67f1d3094ad9ef3217385ff9f3adc06d
8e58c9ce0ec87e8670bf577d4dcf56a71b5b34350753261954ce5b89e8678654
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
9014e413a2ed0a5b777c417873a254729ce6bb5fdca039a4dd5abd04417db98d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
93744e88dec3f363bb77625e3cae9749e46339b760e0ee495e594ce9cb7e2320
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
97285e9d81d76d6dcd265be08c561c2b7379928e9fa9d3ca49110af6382c0d45
9a1d01cc4e8dac0f0e4be7069dd8330189c84f11f700a86a81aee7b6baf40444
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
9f7e2e96d94f15b219219cad5967ee96afc6f1585da68912106d5e9c1e72ad99
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23757ebb210c2d1c0455713594401d07ef51a74dcd3f7b5cd4a0ed2d8ecf1e0
a2a730bfb474365a6a6f90da061620c69d4779a876ef88e3af0ca6febebc8f79
a2b4c3ad220c8d28533887965fbb1e6c1382588d200eb9d95250f929a567ba1a
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a9c8cbcf0ed23e3ec2f71acc45d2c4836a1dd995cce5630964063c7a44b40283
a9e66a723a15591b7f9b0f08013cb163dba1778a6a3dfdfc6cb71eb771fc90c3
aab452a34ffa3cfb63ef10c2b169d6f34197fe4b697fc850bd3cda77c82a84d4
abec774b262dca9d567d9403b5d423d439e7650a4b03c891211b15bc27adeeea
b30cfe0dfdace88e38ec955cdbb94f1a2fe3322b691e79e2230bad7207346646
b384140f36d710dcb1ab0bd04d494b3d4535f1d7bc6f2803e28c03387377a2d1
b3a541179fa2c1f5e6dc116505e6503d70d7ccea2bd164f34ebcaffc15185d7f
b43c340e42ff54a6c1d0e018c1cbd22144a073fed0c27b437a20a7826a977342
b55a1666694ead1107d83e87ef7e5b201f9c6c669bfee4cac6bad92b6dc2263f
b5b1592fa8ab8256ceae1cf00cbe53ad23b82f85964514f421492df2a8735d2f
b601109f6454a4cdb28a089947fbaefcce2e471efcfdc60cc6869c9c36417e14
b60fb08c8c6b5b11c013272699649840b48a91357ca36e7c0f12046ddace0579
b7bd4ab3f6b24ee8634a579dc7467e3d03069bf85c54362f8a6cf5b1a0b34fdb
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ba29be1c355e5164d03899c41b11ac44143bf1f7e4f2af0e6d2ada85c5e249be
ba5c056304ac91133cc363f350c5caa5dab3573cfd8440d32f5af816d8eb6383
ba6b66516c937b52df06d8e53fa7844d4cc06d91f95340067f86ea1ce2d2bf98
bb60c146c70026b944aa192f84e29e42a124ecd384883a154853e4933f1a4d4c
bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19
bcc67eaa39a915c8c4e91b85cf3afa8bf48fa0e366b30963bf7770c32bd1220c
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd5127d88d20bfc74fb94869e2026ddfbb9119934c6b441b12ed7762a948a702
beeeb3cf200c5bfc287a95f6cb9d66b4be056075788f79ae4ac6e7515bc6baa7
c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4b25cd117c2010382d4d9bf2867f9644aff5058da3650ede80797a5565de549
c6b1e044016e4f0dc5422c511fdc692c9d026f77dd2b7169205331a804cd633a
c739da22e31d0d28769ecd10ed665e6c83a3e301be39602d4b422957c4e17376
c78a1fc01e491f4afaa0463bef500cc48dd125bb623fad5714789963e6010342
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c953f80cf0bb98945638528f71bafd7e837aac873b241533013b5170535e78fd
c962e74a0cd768609b29c247028bd61c3229a50bb3abe908feeaa98962eb0971
cb28f393677665433e3af5c77e827998356a56ef32fdac90d1986dd4991fcde2
ccb5e6bf3d877d41c3adfb5dbb292dfc22e23c2e941895154994b1795b0af96d
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d0d553a0eb1a8f88a5ceb0b68b1480fafc650adeda5cd1989c5b62798fa11e30
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d2a37b3244a9a215cc8c90b8bc11388c4fd8b2dd23d415acfccf16e3224250d7
d2d334c44bf66bcabe3a150f3f4d8358207c98d2a93de78a8d118bca64871c5d
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
d64873dd0c111a0f6663da0b18aaf75b057051f869ddd9e9b72d68003f3a93a6
d7819ad427cb5fd886c1f91887ec7aa0f9441bee03d5553af3168aee1522f616
d9e9fb149b793d533a8ec27d7a82e4f66a403f9234334c902a5cff13a451244b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df6b32865fc99b7c2fd8c5cf0941a5136d3e376b19851863f7adb73e9345ede4
dfc481c8a8034505013b1e2bbdaba080e9eab3e9dfc66d75c4e0c95051e68284
e13f709359f6b24dcb73e535d9d1e25d8253072ef63b95399f0ead1019a24a0c
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40c49d2d7cfc035902c7b8471e9736b9a05b2adc59ed919567063676d3b793e
e4f44a19ba4a3f26f78d377a7771ea743e05c37cc3f0d34c558f71073549754f
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
ed44069f4ad366b087d78f971ac7e9100026a8cb7cdca3e09e7e6b1fba87dd62
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13eed0264b45cba842fb16ddf34fcd6061cbd9cb2b350e7c4a5611f463f1420
f24d6b3320defba731e6dd055dc838a98dbce7f64d1fff9eaacb501113d6b11a
f3b2531d6e76075cf19da71a57064e1c8685fc47e741f85d3a67b62a28af0e1b
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fa04b3ae8b8b9dd0ec2d2fe81b219d53c2cad8c8b6efc870f6ffae261e8ea679
fb0b1554e9689e778596207553844e6a72670f563311b76bdc53f09b97c0d222
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
fc48b9ab96cfc8d1e3476fe821803e166e46c87ecaf59f7287dc6b55cd976a75
fccf7d38064bc3d0f77581e7623f4f20564dcc3e90e2f3978f09a8cdf0967ede
fd0062dadc441ac836028282dfda635da47f4280756d07ab0908faf71818e05e
fd34dab8c695c588a20806efd3060572778d4122b180a5988a07c16b4cf9c387
fdcb39eec676f0d52a9647156d6e1c5e0668ebdbb1060cb8ff89d5b4ab4695e8
fea48455cbc76012c2d43b76016897e52ef4303f51adbb4b8abe70a7c0c325ac
fee6dec9e7d648ac6be3c030ffc99fd2ac5f73398212f4cb2e43d7cdc28282ed
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

abovethefold.live Open in urlscan Pro 108.62.0.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

201 Requests

97 %HTTPS

63 %IPv6

26 Domains

40 Subdomains

35 IPs

5 Countries

2821 kBTransfer

7583 kBSize

30 Cookies

10 Outgoing links

Redirected requests

201 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

abovethefold.live Open in urlscan Pro
108.62.0.112 Public Scan

Screenshot
Live screenshot

Full Image

201
Requests

97 %
HTTPS

63 %
IPv6

26
Domains

40
Subdomains

35
IPs

5
Countries

2821 kB
Transfer

7583 kB
Size

30
Cookies

201 HTTP transactions
0 data transactions