hellbergsalesandservice.com Open in urlscan Pro
194.1.147.81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.mlsend2.com/link/c/YT0xOTI2MjY3MjcyNzQ2MjQ1MDY4JmM9ejFtNiZlPTAmYj05NTU2NDI5MzMmZD1oN2M5azFm.qAWqGvp_pMKI3nxT...
Effective URL:
https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_a...
Submission: On April 22 via api (April 22nd 2022, 12:07:27 pm UTC) from US — Scanned from DE

Summary HTTP 215 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 26 domains to perform 215 HTTP transactions. The main IP is 194.1.147.81, located in Chicago, United States and belongs to WPX, BG. The main domain is hellbergsalesandservice.com.
TLS certificate: Issued by R3 on February 25th 2022. Valid for: 3 months.

This is the only time hellbergsalesandservice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:2e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	194.1.147.81 194.1.147.81	210250 (WPX) (WPX)
5	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
9	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
4	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
18	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
13	2606:4700:440... 2606:4700:4400::ac40:9996	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
28	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c1b::5c	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:3600:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 8	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	54.148.197.171 54.148.197.171	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:7cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2 2	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2	16509 (AMAZON-02) (AMAZON-02)
215	35

1 2606:4700:10::ac43:2e6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

click.mlsend2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 194.1.147.81 (Chicago, United States)

ASN210250 (WPX, BG)
PTR: wpx.net

hellbergsalesandservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

sp-ao.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:4400::ac40:9996 (United States)

ASN13335 (CLOUDFLARENET, US)

static.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c1b::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:3600:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.remotecompany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.197.171 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-197-171.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:7cb (United States)

ASN13335 (CLOUDFLARENET, US)

bucket.mlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.192.27 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	stripe.com js.stripe.com — Cisco Umbrella Rank: 964 q.stripe.com — Cisco Umbrella Rank: 6249 r.stripe.com — Cisco Umbrella Rank: 4301 m.stripe.com — Cisco Umbrella Rank: 910	476 KB
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 96 tpc.googlesyndication.com — Cisco Umbrella Rank: 127	419 KB
27	google.com 2 redirects pay.google.com — Cisco Umbrella Rank: 3149 adservice.google.com — Cisco Umbrella Rank: 64 www.google.com — Cisco Umbrella Rank: 2 play.google.com — Cisco Umbrella Rank: 29	413 KB
20	gstatic.com fonts.gstatic.com www.gstatic.com	742 KB
16	hellbergsalesandservice.com hellbergsalesandservice.com	624 KB
13	mailerlite.com static.mailerlite.com — Cisco Umbrella Rank: 13296 cdn.mailerlite.com — Cisco Umbrella Rank: 30193 fonts.mailerlite.com — Cisco Umbrella Rank: 25192	124 KB
13	wp.com stats.wp.com — Cisco Umbrella Rank: 2453 i0.wp.com — Cisco Umbrella Rank: 2544 pixel.wp.com — Cisco Umbrella Rank: 2296	528 KB
12	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 195	112 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	7 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	40 KB
4	shortpixel.ai sp-ao.shortpixel.ai — Cisco Umbrella Rank: 16920	6 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	109 KB
3	remotecompany.com cdn.remotecompany.com — Cisco Umbrella Rank: 41629	65 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 9242 www.google.de — Cisco Umbrella Rank: 6544	1 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 103 partner.googleadservices.com — Cisco Umbrella Rank: 773	17 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 58	146 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1631	1 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1019	16 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1394	296 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1434	351 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 870	356 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1043	464 B
1	mlcdn.com bucket.mlcdn.com — Cisco Umbrella Rank: 28954	732 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 212	7 KB
1	mlsend2.com 1 redirects click.mlsend2.com — Cisco Umbrella Rank: 92335	315 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
215	26

	Domain	Requested by
22	r.stripe.com	js.stripe.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	js.stripe.com	hellbergsalesandservice.com js.stripe.com
16	hellbergsalesandservice.com	hellbergsalesandservice.com
14	www.gstatic.com	pay.google.com www.gstatic.com www.google.com googleads.g.doubleclick.net
13	play.google.com	www.gstatic.com
12	pagead2.googlesyndication.com	hellbergsalesandservice.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com hellbergsalesandservice.com googleads.g.doubleclick.net
9	i0.wp.com	hellbergsalesandservice.com
8	www.google.com	2 redirects static.mailerlite.com www.gstatic.com hellbergsalesandservice.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	static.mailerlite.com	hellbergsalesandservice.com static.mailerlite.com
6	q.stripe.com	hellbergsalesandservice.com
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
5	fonts.mailerlite.com	static.mailerlite.com fonts.mailerlite.com
5	fonts.googleapis.com	hellbergsalesandservice.com googleads.g.doubleclick.net
4	pay.google.com	js.stripe.com pay.google.com hellbergsalesandservice.com www.gstatic.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.gstatic.com
4	sp-ao.shortpixel.ai	hellbergsalesandservice.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	cdn.remotecompany.com	static.mailerlite.com
3	www.googletagmanager.com	hellbergsalesandservice.com www.googletagmanager.com
2	cm.g.doubleclick.net	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	pixel.wp.com	hellbergsalesandservice.com
2	stats.wp.com	hellbergsalesandservice.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	bucket.mlcdn.com	static.mailerlite.com
1	cdn.mailerlite.com	static.mailerlite.com
1	m.stripe.com	m.stripe.network
1	www.google.de	hellbergsalesandservice.com
1	cdnjs.cloudflare.com	static.mailerlite.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	click.mlsend2.com	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
215	41

This site contains links to these domains. Also see Links.

Domain
i0.wp.com

Subject Issuer	Validity	Valid
hellbergsalesandservice.com R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.shortpixel.ai Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-02-17`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-04-19` - `2022-08-05`	4 months	crt.sh
mailerlite.com Cloudflare Inc ECC CA-3	`2021-07-30` - `2022-07-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-13` - `2022-10-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-11` - `2022-08-03`	4 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Frame ID: CE6FF0A18B61846E2C438D48C2A2B633
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/zrt_lookup.html
Frame ID: 08AA839F849C159386481B4B9A8556CA
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
Frame ID: DD16E39B676C4AAF0B4AED0006A42409
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-f96cc2b74a3cf73569733f3ab405d00e.html
Frame ID: ECBAC03631B9CF580EBC95B09568E8D6
Requests: 26 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-7c510847cb0b68c4848da019c7950b1f.html
Frame ID: 3F499615A36219BE2FB268A472A40E8A
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-62750e02d90efc72cb44f626bc945e99.html
Frame ID: 0D1CB993E689B8240131FE33F3C47B6C
Requests: 4 HTTP requests in this frame

Frame: https://static.mailerlite.com/data/a/3096/3096649/webforms/u5f0i6/3966/3966835/page.html?v=1650629241
Frame ID: 9D90217002D36C9D382C22FADC8EE6C1
Requests: 17 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 7073C7B8CC97FAAC79EB47B0BF0F98AB
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840710490826089&output=html&adk=1812271804&adf=3025194257&lmt=1650629241&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650629241302&bpp=2&bdt=339&idt=323&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7798177278164&frm=20&pv=2&ga_vid=1826048250.1650629242&ga_sid=1650629242&ga_hid=18707551&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067205&oid=2&pvsid=4294429441041095&pem=854&tmod=1786020300&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=346
Frame ID: F5F84C69FF28101814E64B0021F0EC27
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: C93364AC6687670BC263AFDDD050B28C
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9zdGF0aWMubWFpbGVybGl0ZS5jb206NDQz&hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&size=normal&cb=3ptunsmmp14b
Frame ID: C0EF0425E6D24E444C2D2C1DF32F374F
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-15efc61e4aebb6e0ac67d7a3c44acc3a.html
Frame ID: E6E613B8F6FB179A308E23621DA19523
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840710490826089&output=html&h=280&adk=3047041060&adf=2046138633&pi=t.aa~a.3941434050~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1650629242&rafmt=1&to=qs&pwprc=9855348887&psa=0&format=1200x280&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650629242276&bpp=2&bdt=1313&idt=2&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26d639f209f7f1c6-22f691f07ecd0096%3AT%3D1650629241%3ART%3D1650629241%3AS%3DALNI_MZGugylSh8hpJZ2Das2N_0cMeoVZg&prev_fmts=0x0&nras=2&correlator=7798177278164&frm=20&pv=1&ga_vid=1826048250.1650629242&ga_sid=1650629242&ga_hid=18707551&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067205&oid=2&pvsid=4294429441041095&pem=854&tmod=1786020300&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=aJ3xyo2k5C&p=https%3A//hellbergsalesandservice.com&dtd=39
Frame ID: A72D48E7ECF95D644F8F9CE330B2A499
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Frame ID: 86342A25912C0706E9C7A37E20527B50
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Frame ID: BDE2E8157C427384A2A619E2EE7D58C9
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD
Frame ID: ACBE5864568015A8269B1AB2E451741B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 46110C2A9B3DEAC67356CC1BF3C54292
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: FC03E7CED5407719A7C955F86E885848
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js
Frame ID: 9C7752A30E90DA857A9B52BA0974EC69
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js
Frame ID: 51539B783E84600E05F6F7C030B896A9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6B2AAFBDAF867100D0DF2230DA35A974
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js
Frame ID: 3422299EA9C48AAD8E8E5FBD106E86AF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 65342EB2EBAA25D4C8A449EC03E14A9D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E5A5DEB4A67CE4C06A425C790862B7C0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

POP Headband - Hellberg Sales and Service: Clear and Sound Solutions

Page URL History Show full URLs

https://click.mlsend2.com/link/c/YT0xOTI2MjY3MjcyNzQ2MjQ1MDY4JmM9ejFtNiZlPTAmYj05NTU2NDI5MzMmZD1oN2M5a... HTTP 302
https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=he... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

215
Requests

97 %
HTTPS

64 %
IPv6

26
Domains

41
Subdomains

35
IPs

5
Countries

4584 kB
Transfer

12338 kB
Size

35
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/03/11001-001.jpg?fit=1976%2C2408&ssl=1

Search URL Search Domain Scan URL

URL: https://i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/04/POP-Junior-Hero.png?fit=803%2C1160&ssl=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.mlsend2.com/link/c/YT0xOTI2MjY3MjcyNzQ2MjQ1MDY4JmM9ejFtNiZlPTAmYj05NTU2NDI5MzMmZD1oN2M5azFm.qAWqGvp_pMKI3nxTndvTO7jwB1-XEhe5-kwJhBqgXoU HTTP 302
https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950131311/?random=130273201&cv=9&fst=1650629241580&num=1&value=0&label=-WFICNGi86kDEO-0h8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&tiba=POP%20Headband%20-%20Hellberg%20Sales%20and%20Service%3A%20Clear%20and%20Sound%20Solutions&auid=306439661.1650629241&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=eZpiYpz7JYKG9fgPuLqtqAI&sscte=1&crd=&eitems=ChAI8KSJkwYQqbK09dW3_fMnEh0A5p-hFb-W2IVMs8wAVQhTCkkLxkXYM3eXwZl1ZQ HTTP 302
https://www.google.com/pagead/1p-conversion/950131311/?random=130273201&cv=9&fst=1650629241580&num=1&value=0&label=-WFICNGi86kDEO-0h8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&tiba=POP%20Headband%20-%20Hellberg%20Sales%20and%20Service%3A%20Clear%20and%20Sound%20Solutions&auid=306439661.1650629241&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eZpiYpz7JYKG9fgPuLqtqAI&eitems=ChAI8KSJkwYQqbK09dW3_fMnEh0A5p-hFRy28gwCZRPWpxxbaYLa_9zC_v1wgVykUg&random=3579614658&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/950131311/?random=130273201&cv=9&fst=1650629241580&num=1&value=0&label=-WFICNGi86kDEO-0h8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&tiba=POP%20Headband%20-%20Hellberg%20Sales%20and%20Service%3A%20Clear%20and%20Sound%20Solutions&auid=306439661.1650629241&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eZpiYpz7JYKG9fgPuLqtqAI&eitems=ChAI8KSJkwYQqbK09dW3_fMnEh0A5p-hFRy28gwCZRPWpxxbaYLa_9zC_v1wgVykUg&random=3579614658&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hCy56fvsS6WdQQt-KmghSqu2kqTjgjYbPFHPwO63DhPTlbs7aUJApPS68sBbETAGX9kFaPjzUZnqL2dUEZK6asg

Request Chain 182

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 201

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKZuT7MMkSJ5hNH_ABdFjTmdf9PGMxLn-L-lmjLrEFqgfJuvmvZ2dvlKGeKVDd-VLN5KyQgIy09Vhf8LINWR9v8pOaq825q&google_gid=CAESECtDggupD8KaRyBirnZawkc&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKZuT7MMkSJ5hNH_ABdFjTmdf9PGMxLn-L-lmjLrEFqgfJuvmvZ2dvlKGeKVDd-VLN5KyQgIy09Vhf8LINWR9v8pOaq825q&google_gid=CAESECtDggupD8KaRyBirnZawkc&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjIxMjA3MjQwMDAxMDgxMzE0Mzc5MA%3D%3D&google_push=AYg5qPKZuT7MMkSJ5hNH_ABdFjTmdf9PGMxLn-L-lmjLrEFqgfJuvmvZ2dvlKGeKVDd-VLN5KyQgIy09Vhf8LINWR9v8pOaq825q

Request Chain 204

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_cver=1&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj

215 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hellbergsalesandservice.com/product/pop-headband/
Redirect Chain

https://click.mlsend2.com/link/c/YT0xOTI2MjY3MjcyNzQ2MjQ1MDY4JmM9ejFtNiZlPTAmYj05NTU2NDI5MzMmZD1oN2M5azFm.qAWqGvp_pMKI3nxTndvTO7jwB1-XEhe5-kwJhBqgXoU
https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22

139 KB
21 KB

2016ms
1740ms

Document
text/html

194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF / PHP/7.4.28
Resource Hash: 9fb1c8116fc576fd124bff66a6a50cb7d4c31d08623e686ab68d5e197a7bc5cc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: public, max-age=3600
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Apr 2022 12:07:20 GMT
expires: Fri, 22 Apr 2022 13:07:20 GMT
link: <https://hellbergsalesandservice.com/wp-json/>; rel="https://api.w.org/" <https://hellbergsalesandservice.com/wp-json/wp/v2/product/23>; rel="alternate"; type="application/json" <https://hellbergsalesandservice.com/?p=23>; rel=shortlink
referrer-policy
server: WPX CLOUD/FF
vary: Accept-Encoding
wpx: 1
x-cache-status: MISS
x-edge-location: WPX CLOUD/FF
x-powered-by: PHP/7.4.28
x-turbo-charged-by: LiteSpeed
x-ua-compatible: IE=edge

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 6ffe3d068d970211-ZRH
content-encoding: gzip
date: Fri, 22 Apr 2022 12:07:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 autoptimize_fdbeeb8b06f8d512d6b3c13e7efdcdc7.css
hellbergsalesandservice.com/wp-content/cache/autoptimize/css/ 1 MB
187 KB 9ms
7ms Stylesheet
text/css 194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL: https://hellbergsalesandservice.com/wp-content/cache/autoptimize/css/autoptimize_fdbeeb8b06f8d512d6b3c13e7efdcdc7.css
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF /
Resource Hash: 89f49597e41c2c0d2565378b5abdbd3dba715df46cea015c04edb33fe29cb1fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
wpx: 1
x-edge-location: WPX CLOUD/FF
x-cache-status: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 190522
pragma: public
referrer-policy
last-modified: Tue, 19 Apr 2022 17:18:21 GMT
server: WPX CLOUD/FF
etag: "17c0f6-625eeedd-0;br"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=30672000,public, immutable,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Wed, 12 Apr 2023 11:30:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i&subset=latin&display=swap&ver=5.9.3

Requested by

Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32dde2078cf65805a9d642f37b336c89f5ed52be6bac6930339ac2654dd6910f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 11:38:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Apr 2022 12:07:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Apr 2022 12:07:21 GMT

GET
H2 200 autoptimize_single_4e1fa3f4433f72e1d3f65ded770ff06c.css
hellbergsalesandservice.com/wp-content/cache/autoptimize/css/ 2 KB
1001 B 28ms
27ms Stylesheet
text/css 194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL: https://hellbergsalesandservice.com/wp-content/cache/autoptimize/css/autoptimize_single_4e1fa3f4433f72e1d3f65ded770ff06c.css?ver=1649865272
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF /
Resource Hash: 9905fa5e3654ee7b809dc0f15d0be039ac0f8ccec558066583c0aa427f1db67b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
wpx: 1
x-edge-location: WPX CLOUD/FF
x-cache-status: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 492
pragma: public
referrer-policy
last-modified: Tue, 19 Apr 2022 15:51:54 GMT
server: WPX CLOUD/FF
etag: "647-625eda9a-0;br"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=30672000,public, immutable,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Wed, 12 Apr 2023 11:30:13 GMT

GET
H2 200 autoptimize_single_0bdc106c0a681173413f298c1e3e4989.css
hellbergsalesandservice.com/wp-content/cache/autoptimize/css/ 54 KB
4 KB 28ms
27ms Stylesheet
text/css 194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL: https://hellbergsalesandservice.com/wp-content/cache/autoptimize/css/autoptimize_single_0bdc106c0a681173413f298c1e3e4989.css?ver=1649865272
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF /
Resource Hash: 25252b14f925075f53ec2b94b28344793d2e3d573c3c1c49e225c73a7a0fe7a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
wpx: 1
x-edge-location: WPX CLOUD/FF
x-cache-status: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3259
pragma: public
referrer-policy
last-modified: Tue, 19 Apr 2022 15:51:54 GMT
server: WPX CLOUD/FF
etag: "d6fb-625eda9a-0;br"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=30672000,public, immutable,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Wed, 12 Apr 2023 11:30:13 GMT

GET
H2 200 autoptimize_single_b6700a05511a47d819bd778e54c5a4ec.css
hellbergsalesandservice.com/wp-content/cache/autoptimize/css/ 13 KB
2 KB 28ms
27ms Stylesheet
text/css 194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL: https://hellbergsalesandservice.com/wp-content/cache/autoptimize/css/autoptimize_single_b6700a05511a47d819bd778e54c5a4ec.css?ver=1649865272
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF /
Resource Hash: f22a221a82105cf14f2df601b41c8b651807dc680f195cda8ac23b9fa97de2bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
wpx: 1
x-edge-location: WPX CLOUD/FF
x-cache-status: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1446
pragma: public
referrer-policy
last-modified: Tue, 19 Apr 2022 15:51:54 GMT
server: WPX CLOUD/FF
etag: "35c0-625eda9a-0;br"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=30672000,public, immutable,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Wed, 12 Apr 2023 11:30:13 GMT

GET
H2 200 autoptimize_single_ee124ad9a6bb56cc89096e1a8c187e54.css
hellbergsalesandservice.com/wp-content/cache/autoptimize/css/ 8 KB
1 KB 28ms
27ms Stylesheet
text/css 194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL: https://hellbergsalesandservice.com/wp-content/cache/autoptimize/css/autoptimize_single_ee124ad9a6bb56cc89096e1a8c187e54.css?ver=1649865272
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF /
Resource Hash: 63d53b7ef0241816b8533f6f6b0431e8a46392a402d80dc478243588879fcf40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
wpx: 1
x-edge-location: WPX CLOUD/FF
x-cache-status: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 991
pragma: public
referrer-policy
last-modified: Tue, 19 Apr 2022 15:51:54 GMT
server: WPX CLOUD/FF
etag: "1f4b-625eda9a-0;br"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=30672000,public, immutable,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Wed, 12 Apr 2023 11:30:13 GMT

GET
H2 200 autoptimize_single_5deff7d56a22746f8324a267e3657c71.css
hellbergsalesandservice.com/wp-content/cache/autoptimize/css/ 9 KB
2 KB 40ms
39ms Stylesheet
text/css 194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL: https://hellbergsalesandservice.com/wp-content/cache/autoptimize/css/autoptimize_single_5deff7d56a22746f8324a267e3657c71.css?ver=1649866467
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF /
Resource Hash: 184c90d054a8482f4b21294d1562cc41172a377c5d3768342904a1647b77fdd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
wpx: 1
x-edge-location: WPX CLOUD/FF
x-cache-status: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1209
pragma: public
referrer-policy
last-modified: Tue, 19 Apr 2022 17:18:21 GMT
server: WPX CLOUD/FF
etag: "2550-625eeedd-0;br"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=30672000,public, immutable,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Wed, 12 Apr 2023 11:30:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 93 KB
3 KB 47ms
26ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMerriweather%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.9.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0cf95b39586a515525eec76fdba18fed7f4a0d5a8274e49fd54acab6d3aabcac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 12:07:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Apr 2022 12:07:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Apr 2022 12:07:21 GMT

GET
H2 200 jquery.min.js Show response
hellbergsalesandservice.com/wp-includes/js/jquery/ 87 KB
30 KB 40ms
39ms Script
application/x-javascript 194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL: https://hellbergsalesandservice.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
wpx: 1
x-edge-location: WPX CLOUD/FF
x-cache-status: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 30273
pragma: public
referrer-policy
last-modified: Wed, 21 Jul 2021 03:45:20 GMT
server: WPX CLOUD/FF
etag: "15db1-60f79850-0;br"
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Sat, 22 Apr 2023 11:30:13 GMT

GET
H2 200 s-202216.js Show response
stats.wp.com/ 9 KB
4 KB 40ms
12ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/s-202216.js
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7faf2fee5a715e1668f517f67a4b21cddd539b978678ce1bfd48a597044079e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-nc: HIT ams
date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-2494"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Mon, 17 Apr 2023 20:45:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 48ms
16ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-219644744-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b350ed39ea4b1af8b6effb63367b09e80cd99530599bc9d017f4a33623fa2ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38835
x-xss-protection: 0
expires: Fri, 22 Apr 2022 12:07:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
54 KB 58ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2840710490826089

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4605d276c5cc9c43ee3b93efa8d94f0925df950cee4c3fb24a9cbfbb773563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellbergsalesandservice.com/
Origin: https://hellbergsalesandservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54733
x-xss-protection: 0
server: cafe
etag: 7957473417156853406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 12:07:21 GMT

GET
H2 200 11001-001.jpg
i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/03/ 7 KB
7 KB 29ms
6ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/03/11001-001.jpg?resize=300%2C366&ssl=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

49652113b3754b12b940dde8136e0c9b8e8948a87cbd3b72bbf8675f5191cd0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 22 Apr 2022 12:07:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Apr 2022 11:31:39 GMT
server: nginx
etag: "2123f61c4fe0aa84"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://hellbergsalesandservice.com/wp-content/uploads/2014/03/11001-001.jpg>; rel="canonical"
content-length: 6850
expires: Sun, 21 Apr 2024 23:31:39 GMT

GET
H2 200 POP-Junior-Hero.png
i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/04/ 147 KB
148 KB 29ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/04/POP-Junior-Hero.png?resize=300%2C433&ssl=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

35165096b6232ebbb2143dec70d21053acda2fc6654f8e42df1838072b0ddc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 22 Apr 2022 12:07:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Apr 2022 11:31:39 GMT
server: nginx
etag: "b72b10649c1b8b13"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://hellbergsalesandservice.com/wp-content/uploads/2014/04/POP-Junior-Hero.png>; rel="canonical"
content-length: 150946
expires: Sun, 21 Apr 2024 23:31:39 GMT

GET
H2 200 11001-001-150x183.jpg
sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_183/https://hellbergsalesandservice.com/wp-content/uploads/2014/03/ 1003 B
1 KB 51ms
14ms Image
image/svg+xml 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_183/https://hellbergsalesandservice.com/wp-content/uploads/2014/03/11001-001-150x183.jpg
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 4fd99b25cfa45b32aa811fa70e09a731d7c2bebc0f16e77f2733f2305e1e433b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
cdn-edgestorageid: 879
access-control-allow-origin: *
cdn-cachedat: 04/22/2022 11:31:38
cdn-pullzone: 257218
cdn-tag: 0; Domain: hellbergsalesandservice.com; 200
xtag-sp-debug: SLT: 0.01
server: BunnyCDN-AMS1-879
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Mon, 27 Mar 2023 13:22:02 GMT
last-modified: Sun, 27 Mar 2022 14:22:02 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=29296224, s-maxage=604800
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 459b196fb9106b3d0fe03725695ede6b
cdn-requestcountrycode: DE
link: <https://hellbergsalesandservice.com/wp-content/uploads/2014/03/11001-001-150x183.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 POP-Junior-Hero.png
sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_217/https://hellbergsalesandservice.com/wp-content/uploads/2014/04/ 1 KB
1 KB 50ms
13ms Image
image/svg+xml 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_217/https://hellbergsalesandservice.com/wp-content/uploads/2014/04/POP-Junior-Hero.png
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: a3c681f11be5f527f8fd28e22a84d550272ea5c85bed86cb9f52e887721c0091

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
cdn-edgestorageid: 883
access-control-allow-origin: *
cdn-cachedat: 04/22/2022 11:31:37
cdn-pullzone: 257218
cdn-tag: 0; Domain: hellbergsalesandservice.com; 200
xtag-sp-debug: SLT: 0.009
server: BunnyCDN-AMS1-879
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Thu, 20 Apr 2023 15:43:51 GMT
last-modified: Wed, 20 Apr 2022 16:43:51 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31481961, s-maxage=550761
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: cc2fd18cfb51979c694160208771840f
cdn-requestcountrycode: DE
link: <https://hellbergsalesandservice.com/wp-content/uploads/2014/04/POP-Junior-Hero.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21010-110-150x156.jpg
sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_156/https://hellbergsalesandservice.com/wp-content/uploads/2014/03/ 1 KB
1 KB 61ms
25ms Image
image/svg+xml 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_156/https://hellbergsalesandservice.com/wp-content/uploads/2014/03/21010-110-150x156.jpg
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 24fb52cada48a74bfd6a4fd5ca5698476e42e8f0479a1dae19597004cc078f55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
cdn-edgestorageid: 766
access-control-allow-origin: *
cdn-cachedat: 04/22/2022 12:07:21
cdn-pullzone: 257218
cdn-tag: 0; Domain: hellbergsalesandservice.com; 200
xtag-sp-debug: SLT: 0.009
server: BunnyCDN-AMS1-879
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Mon, 27 Mar 2023 13:22:05 GMT
last-modified: Sun, 27 Mar 2022 14:22:05 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=29453949, s-maxage=604800
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 4404c8451855ec0dbfa2cf0737fb94d3
cdn-requestcountrycode: DE
link: <https://hellbergsalesandservice.com/wp-content/uploads/2014/03/21010-110-150x156.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 21008-110-150x132.jpg
sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_132/https://hellbergsalesandservice.com/wp-content/uploads/2014/04/ 1 KB
1 KB 140ms
104ms Image
image/svg+xml 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_132/https://hellbergsalesandservice.com/wp-content/uploads/2014/04/21008-110-150x132.jpg
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 3634f0339e7dfafdb9dc04600717647a642f221387a007c0a53df4bb8841f629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
cdn-edgestorageid: 883
access-control-allow-origin: *
cdn-cachedat: 04/22/2022 12:07:21
cdn-pullzone: 257218
cdn-tag: 0; Domain: hellbergsalesandservice.com; 200
xtag-sp-debug: SLT: 0.007
server: BunnyCDN-AMS1-879
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Mon, 27 Mar 2023 13:22:02 GMT
last-modified: Sun, 27 Mar 2022 14:22:02 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=29294081, s-maxage=604800
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 85e5208f92de375eb38bbcad3d3ab82b
cdn-requestcountrycode: DE
link: <https://hellbergsalesandservice.com/wp-content/uploads/2014/04/21008-110-150x132.jpg>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lazysizes.min.js Show response
hellbergsalesandservice.com/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
4 KB 9ms
7ms Script
application/x-javascript 194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL: https://hellbergsalesandservice.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.0.3
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF /
Resource Hash: c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
wpx: 1
x-edge-location: WPX CLOUD/FF
x-cache-status: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3973
pragma: public
referrer-policy
last-modified: Fri, 15 Apr 2022 15:45:56 GMT
server: WPX CLOUD/FF
etag: "2655-62599334-0;br"
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Sat, 22 Apr 2023 11:30:15 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 297 KB
70 KB 84ms
15ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/?ver=3.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9dee15ce910f7c38851c0f552327b2a1868ccde11bd5ca6286abf9d4c8b91684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 6
x-cache: HIT
content-length: 71671
etag: "a5439317a3d814d6d3017cce646feb2b"
x-request-id: 847e04bc-6525-4fed-9a6c-8fecec071ee7
x-served-by: cache-cdg20781-CDG
access-control-allow-origin: *
last-modified: Thu, 21 Apr 2022 18:17:00 GMT
server: Fastly
date: Fri, 22 Apr 2022 12:07:21 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 e-202216.js Show response
stats.wp.com/ 9 KB
3 KB 15ms
13ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202216.js
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-nc: HIT ams
date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 10 Apr 2023 04:41:20 GMT

GET
H2 200 autoptimize_c2af18d0f3b4ebd6f9f694f3c6edf70f.js Show response
hellbergsalesandservice.com/wp-content/cache/autoptimize/js/ 999 KB
257 KB 9ms
7ms Script
application/x-javascript 194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL: https://hellbergsalesandservice.com/wp-content/cache/autoptimize/js/autoptimize_c2af18d0f3b4ebd6f9f694f3c6edf70f.js
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF /
Resource Hash: 1a4fc39d7146a4d76f4f84556845887ef17ec8e51509aa0c01eeded2d6adb840

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
wpx: 1
x-edge-location: WPX CLOUD/FF
x-cache-status: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 262595
pragma: public
referrer-policy
last-modified: Tue, 19 Apr 2022 17:18:21 GMT
server: WPX CLOUD/FF
etag: "f9b16-625eeedd-0;br"
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=31536000,public, immutable,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Sat, 22 Apr 2023 11:30:39 GMT

GET
H2 200 wp-emoji-release.min.js Show response
hellbergsalesandservice.com/wp-includes/js/ 18 KB
5 KB 30ms
28ms Script
application/x-javascript 194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL: https://hellbergsalesandservice.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
wpx: 1
x-edge-location: WPX CLOUD/FF
x-cache-status: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4539
pragma: public
referrer-policy
last-modified: Wed, 21 Jul 2021 03:45:20 GMT
server: WPX CLOUD/FF
etag: "4705-60f79850-0;br"
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Sat, 22 Apr 2023 11:30:15 GMT

GET
H2 200 universal.js Show response
static.mailerlite.com/js/ 16 KB
5 KB 67ms
31ms Script
application/javascript 2606:4700:4400::ac40:9996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mailerlite.com/js/universal.js?v1650629

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9996 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dac047673d3732b8f58a3c3707dc2cec0fabc1752643865f75b706a9de770c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

cf-ray: 6ffe3d155ca4021d-ZRH
date: Fri, 22 Apr 2022 12:07:21 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 20 Apr 2022 08:53:44 GMT
server: cloudflare
age: 241
etag: W/"625fca18-404b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=432000
strict-transport-security: max-age=63072000
content-encoding: br
expires: Wed, 27 Apr 2022 12:07:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 105 KB
41 KB 25ms
20ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MC9VX85

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e593595b52c794fae0f9d5051c0a438ebc91275fa786ba66db67c8b5840b7636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41808
x-xss-protection: 0
expires: Fri, 22 Apr 2022 12:07:21 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 42ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i&subset=latin&display=swap&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellbergsalesandservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 220934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:45:07 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a27a3f46901668e0116688452d5e5e1e0c4bee811e0146519d81acb2e47d0584

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 16 KB
16 KB 41ms
21ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans+Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMerriweather%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellbergsalesandservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:27:38 GMT
x-content-type-options: nosniff
age: 221983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16324
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:27:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 38ms
19ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellbergsalesandservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 37260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 01:46:21 GMT

GET
H2 200 fa-solid-900.woff2
hellbergsalesandservice.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 17ms
15ms Font
application/font-woff2 194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL: https://hellbergsalesandservice.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/wp-content/cache/autoptimize/css/autoptimize_fdbeeb8b06f8d512d6b3c13e7efdcdc7.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://hellbergsalesandservice.com/wp-content/cache/autoptimize/css/autoptimize_fdbeeb8b06f8d512d6b3c13e7efdcdc7.css
Origin: https://hellbergsalesandservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
wpx: 1
x-edge-location: WPX CLOUD/FF
x-cache-status: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 78196
pragma: public
referrer-policy
last-modified: Wed, 13 Apr 2022 15:48:28 GMT
server: WPX CLOUD/FF
etag: "13174-6256f0cc-0;;;"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Sat, 22 Apr 2023 11:30:15 GMT

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecbd3f1747d4b1c28bae416f0191f028937bd8ccf71be26a8f553809b60d1bec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83ef7d6964dc6462a5c584abc6108d397c80955018413299d6067aaec1db90da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hellbergsalesandservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 151862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Apr 2023 17:56:19 GMT

GET
H2 200 Simple-Line-Icons.woff2
hellbergsalesandservice.com/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/ 29 KB
30 KB 7ms
7ms Font
application/font-woff2 194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL: https://hellbergsalesandservice.com/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/wp-content/cache/autoptimize/css/autoptimize_fdbeeb8b06f8d512d6b3c13e7efdcdc7.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS: wpx.net
Software: WPX CLOUD/FF /
Resource Hash: 104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a

Request headers

Referer: https://hellbergsalesandservice.com/wp-content/cache/autoptimize/css/autoptimize_fdbeeb8b06f8d512d6b3c13e7efdcdc7.css
Origin: https://hellbergsalesandservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
wpx: 1
x-edge-location: WPX CLOUD/FF
x-cache-status: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 30064
pragma: public
referrer-policy
last-modified: Thu, 31 Mar 2022 15:38:05 GMT
server: WPX CLOUD/FF
etag: "7570-6245cadd-0;;;"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public, max-age=31536000,public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Sat, 22 Apr 2023 11:30:15 GMT

GET
H2 200 IconGreyhalf.png
i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2020/08/ 1 KB
1 KB 7ms
6ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2020/08/IconGreyhalf.png?w=170&ssl=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

31c604c502df91921adcac9c00b4f0d7f3391d0e5cbbf9eb1ad76a968198b43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Fri, 22 Apr 2022 12:07:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 Apr 2022 20:27:35 GMT
server: nginx
etag: "48bd394676122902"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://hellbergsalesandservice.com/wp-content/uploads/2020/08/IconGreyhalf.png>; rel="canonical"
content-length: 1326
expires: Mon, 08 Apr 2024 08:27:35 GMT

GET
H2 200 11001-001.jpg
i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/03/ 31 KB
31 KB 7ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/03/11001-001.jpg?resize=840%2C1024&ssl=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

db5f9def0bb937b4d740664d4e36bded338a2e59f16222247e8c5b042c2f04cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 22 Apr 2022 12:07:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Apr 2022 11:31:39 GMT
server: nginx
etag: "18fa3fe98f7353e3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://hellbergsalesandservice.com/wp-content/uploads/2014/03/11001-001.jpg>; rel="canonical"
content-length: 31464
expires: Sun, 21 Apr 2024 23:31:39 GMT

GET
H2 200 universal.css
static.mailerlite.com/css/ 782 B
448 B 27ms
26ms Stylesheet
text/css 2606:4700:4400::ac40:9996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mailerlite.com/css/universal.css?v4

Requested by

Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/universal.js?v1650629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9996 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c70541cbc66c4b8c80b32b87187eb525940edac0927383c780c4403b2426b8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

cf-ray: 6ffe3d162e09021d-ZRH
date: Fri, 22 Apr 2022 12:07:21 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 20 Apr 2022 08:53:36 GMT
server: cloudflare
age: 4164
etag: W/"625fca10-30e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=432000
strict-transport-security: max-age=63072000
content-encoding: br
expires: Wed, 27 Apr 2022 12:07:21 GMT

GET
H2 200 v9t5c5y6x5_popups.js Show response
static.mailerlite.com/data/a/3096/3096649/universal/ 6 KB
2 KB 45ms
45ms Script
application/javascript 2606:4700:4400::ac40:9996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mailerlite.com/data/a/3096/3096649/universal/v9t5c5y6x5_popups.js?v=1650629241

Requested by

Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/universal.js?v1650629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9996 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dbd4554748a9ea865268ad238a6ccd46ea7f7a6a8683b3642afa67bed11b479

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

cf-ray: 6ffe3d162e0b021d-ZRH
date: Fri, 22 Apr 2022 12:07:21 GMT
via: 1.1 google
cf-cache-status: MISS
last-modified: Mon, 11 Apr 2022 16:06:04 GMT
server: cloudflare
etag: W/"625451ec-16b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=432000
strict-transport-security: max-age=63072000
content-encoding: br
expires: Wed, 27 Apr 2022 12:07:21 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/ 305 KB
109 KB 50ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2840710490826089&plah=hellbergsalesandservice.com&bust=31067205

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2840710490826089

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

913421becbc0c9c5d278ee24c9d48ecbd948cb6eef2874988f1c88c6d324d25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111275
x-xss-protection: 0
server: cafe
etag: 16956532593986661569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 12:07:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/ Frame 08AA 10 KB
5 KB 234ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2840710490826089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellbergsalesandservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 22:40:53 GMT
etag: 14837630671339829333
expires: Thu, 05 May 2022 22:40:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 13ms
12ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.8&blog=201135506&post=23&tz=0&srv=hellbergsalesandservice.com&host=hellbergsalesandservice.com&ref=&fcp=2390&rand=0.7005183335820193
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Apr 2022 12:07:21 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 / Show response
hellbergsalesandservice.com/product/pop-headband/ 2 KB
1 KB 7ms
7ms XHR
application/json 194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL

https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22&relatedposts=1

Requested by

Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/wp-content/cache/autoptimize/js/autoptimize_c2af18d0f3b4ebd6f9f694f3c6edf70f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),

Reverse DNS

wpx.net

Software

WPX CLOUD/FF / PHP/7.4.28

Resource Hash

f508a0c01b03484bb9a31f638110d184b99f2d342a5c076689dc4439bbae778c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
x-requested-with: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
wpx: 1
x-edge-location: WPX CLOUD/FF
x-powered-by: PHP/7.4.28
x-cache-status: HIT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-ua-compatible: IE=edge
referrer-policy
server: WPX CLOUD/FF
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
expires: Sat, 22 Apr 2023 11:31:40 GMT

GET
H2 200 m-outer-23335cd0c833d03926d94e8fb5cb0381.html Show response
js.stripe.com/v3/ Frame DD16 240 B
551 B 15ms
15ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a112f8f0717d42ab09edf17e6583b29dc651b7cda4b474e413a3558d0f16ad67

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellbergsalesandservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1448090
cache-control: max-age=31536000
content-encoding: br
content-length: 140
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 22 Apr 2022 12:07:21 GMT
etag: "23335cd0c833d03926d94e8fb5cb0381"
last-modified: Tue, 05 Apr 2022 17:50:14 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 430417
x-content-type-options: nosniff
x-request-id: d52649c9-db21-432c-8be0-d0cc46ec29a3
x-served-by: cache-cdg20781-CDG

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
12ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-219644744-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1951
date: Fri, 22 Apr 2022 11:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 22 Apr 2022 13:34:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 43ms
18ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-98L05XDXTY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-219644744-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c340ab8ceb742bd040c800ce55e7f865d713660f97c011a3b88461eb7280687

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67829
x-xss-protection: 0
expires: Fri, 22 Apr 2022 12:07:21 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 84ms
61ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC9VX85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14892
x-xss-protection: 0
server: cafe
etag: 4605403730725282575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 12:07:21 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame DD16 0
346 B 482ms
162ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 t.gif
pixel.wp.com/ 43 B
71 B 12ms
12ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/t.gif?pi=23&pn=POP%20Headband&pc=Classic&pp=22.95&pt=variable&blog_id=201135506&ui=null&url=https%3A%2F%2Fhellbergsalesandservice.com&woo_version=6.4.1&cart_page_contains_cart_block=0&cart_page_contains_cart_shortcode=1&checkout_page_contains_checkout_block=0&checkout_page_contains_checkout_shortcode=1&lr=&or=&r3d=&_en=woocommerceanalytics_product_view&_ui=j1neKk8WqjePPWFhMkQjEhEM&_ut=anon&_ts=1650629241422&_tz=0&_lg=en-US&_pf=Linux%20x86_64&_ht=1200&_wd=1600&_sx=0&_sy=0&_dl=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&_dr=&_rt=1650629241423&_=_
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Apr 2022 12:07:21 GMT
cache-control: no-cache
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 11001-001.jpg
i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/03/ 1 KB
1 KB 236ms
236ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/03/11001-001.jpg?fit=82%2C100&ssl=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

0372f80aa5e6b0ffdc4f84edd49f75d09e7abe2c66121ed60b559a359c30ef0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 22 Apr 2022 12:07:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Apr 2022 11:31:39 GMT
server: nginx
etag: "9666d903355c8ebd"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://hellbergsalesandservice.com/wp-content/uploads/2014/03/11001-001.jpg>; rel="canonical"
content-length: 1472
expires: Sun, 21 Apr 2024 23:31:39 GMT

GET
H2 200 POP-Junior-Hero.png
i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/04/ 10 KB
10 KB 7ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/04/POP-Junior-Hero.png?fit=69%2C100&ssl=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

15998053a1192bd33aa2bc9ad6094a38a6fa13673a7cfae027f8c91a5b76ef6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 22 Apr 2022 12:07:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Apr 2022 11:31:38 GMT
server: nginx
etag: "ded0e98271c33e67"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://hellbergsalesandservice.com/wp-content/uploads/2014/04/POP-Junior-Hero.png>; rel="canonical"
content-length: 10276
expires: Sun, 21 Apr 2024 23:31:38 GMT

GET
H2 200 11001-001.jpg
i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/03/ 144 KB
144 KB 8ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/03/11001-001.jpg?fit=1976%2C2408&ssl=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

473ee83b6ae7de17b59502c6cddc929ca45ff7b8ee7e84ae0dfc13425b84c8f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 22 Apr 2022 12:07:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Apr 2022 11:31:39 GMT
server: nginx
etag: "83200d788753d0d6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://hellbergsalesandservice.com/wp-content/uploads/2014/03/11001-001.jpg>; rel="canonical"
content-length: 147342
expires: Sun, 21 Apr 2024 23:31:39 GMT

POST
H2 200 / Show response
hellbergsalesandservice.com/ 1 KB
1 KB 1385ms
1385ms XHR
application/json 194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL

https://hellbergsalesandservice.com/?wc-ajax=get_refreshed_fragments

Requested by

Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),

Reverse DNS

wpx.net

Software

WPX CLOUD/FF / PHP/7.4.28

Resource Hash

bc8a988452cded79dc3ecd67ac575ef2d73a5f7b3cac0a7ef49857b85637d1a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
wpx: 1
x-edge-location: WPX CLOUD/FF
x-powered-by: PHP/7.4.28
x-pingback: https://hellbergsalesandservice.com/xmlrpc.php
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-ua-compatible: IE=edge
referrer-policy
server: WPX CLOUD/FF
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hellbergsalesandservice.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 controller-f96cc2b74a3cf73569733f3ab405d00e.html Show response
js.stripe.com/v3/ Frame ECBA 349 B
567 B 16ms
15ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-f96cc2b74a3cf73569733f3ab405d00e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e705c88efb0207b5da12cedb8be9eb5965dadaca4b8d81f52be32d44e149c1fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellbergsalesandservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 42
cache-control: max-age=60
content-encoding: br
content-length: 166
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 22 Apr 2022 12:07:21 GMT
etag: "f96cc2b74a3cf73569733f3ab405d00e"
last-modified: Thu, 21 Apr 2022 17:55:57 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 12
x-content-type-options: nosniff
x-request-id: f2fbfd21-e00f-438c-9c76-4a2665639170
x-served-by: cache-cdg20781-CDG

GET
H2 200 payment-request-inner-google-pay-7c510847cb0b68c4848da019c7950b1f.html Show response
js.stripe.com/v3/ Frame 3F49 434 B
769 B 16ms
15ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-7c510847cb0b68c4848da019c7950b1f.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

533df60ccc51ae4eff3b3bb86a0305aba683846f6b421b09c8ef2c071506c62d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellbergsalesandservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37
cache-control: max-age=60
content-encoding: br
content-length: 198
content-security-policy: default-src 'none'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 22 Apr 2022 12:07:21 GMT
etag: "7c510847cb0b68c4848da019c7950b1f"
last-modified: Thu, 21 Apr 2022 17:56:18 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2891
x-content-type-options: nosniff
x-request-id: f6432842-6209-4f28-8d08-bf2d3d4b9ff0
x-served-by: cache-cdg20781-CDG

GET
H2 200 payment-request-inner-browser-62750e02d90efc72cb44f626bc945e99.html Show response
js.stripe.com/v3/ Frame 0D1C 370 B
604 B 15ms
15ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-62750e02d90efc72cb44f626bc945e99.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6227db22e81d03824c4bef87c8f7ae4d78bbe489f733f3a020b75265cea6908c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellbergsalesandservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 14
cache-control: max-age=60
content-encoding: br
content-length: 178
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 22 Apr 2022 12:07:21 GMT
etag: "62750e02d90efc72cb44f626bc945e99"
last-modified: Thu, 21 Apr 2022 17:56:18 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: e7997bcc-ef15-4214-961a-a3adfe0ae40f
x-served-by: cache-cdg20781-CDG

POST
H2 200 / Show response
hellbergsalesandservice.com/ 1 KB
1 KB 1368ms
1368ms XHR
application/json 194.1.147.81
WPX

General

Check archive.org

Show headers Download Go to

Full URL

https://hellbergsalesandservice.com/?wc-ajax=get_refreshed_fragments

Requested by

Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

194.1.147.81 Chicago, United States, ASN210250 (WPX, BG),

Reverse DNS

wpx.net

Software

WPX CLOUD/FF / PHP/7.4.28

Resource Hash

bc8a988452cded79dc3ecd67ac575ef2d73a5f7b3cac0a7ef49857b85637d1a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
wpx: 1
x-edge-location: WPX CLOUD/FF
x-powered-by: PHP/7.4.28
x-pingback: https://hellbergsalesandservice.com/xmlrpc.php
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-ua-compatible: IE=edge
referrer-policy
server: WPX CLOUD/FF
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hellbergsalesandservice.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 m-outer-8828f6fcad654313f23d9a7d1f1eb715.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DD16 1 KB
800 B 15ms
15ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8828f6fcad654313f23d9a7d1f1eb715.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 29
x-cache: HIT
content-length: 645
etag: "d0c7e21ec457b6a134a496f107c3ca93"
x-request-id: e1ca5efe-8471-489c-ba12-2e9865d7c806
x-served-by: cache-cdg20781-CDG
access-control-allow-origin: *
last-modified: Tue, 05 Apr 2022 17:50:29 GMT
server: Fastly
date: Fri, 22 Apr 2022 12:07:21 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 52

POST
H2 200 csp-report
q.stripe.com/ Frame ECBA 0
347 B 379ms
160ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 1
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3F49 0
346 B 533ms
318ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 1
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 0D1C 0
346 B 375ms
162ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 page.html Show response
static.mailerlite.com/data/a/3096/3096649/webforms/u5f0i6/3966/3966835/ Frame 9D90 30 KB
5 KB 58ms
58ms Document
text/html 2606:4700:4400::ac40:9996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mailerlite.com/data/a/3096/3096649/webforms/u5f0i6/3966/3966835/page.html?v=1650629241

Requested by

Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/universal.js?v1650629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9996 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

698ac2cdc8805eb60828e3c0869aa675b8ccd58bd84b3e43e60400776f9bf15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://hellbergsalesandservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 6ffe3d17b875021d-ZRH
content-encoding: br
content-type: text/html
date: Fri, 22 Apr 2022 12:07:21 GMT
etag: W/"61eb1583-7895"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Fri, 21 Jan 2022 20:20:19 GMT
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 shared-9d3547a0824b11a7fc641f4b6e98bd8e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame ECBA 219 KB
54 KB 32ms
31ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-f96cc2b74a3cf73569733f3ab405d00e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

305f91495b2be25b65c82930af0daf4cd150fb80cd35d1c76392b62fb24dd581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-f96cc2b74a3cf73569733f3ab405d00e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 57
x-cache: HIT
content-length: 55202
etag: "8e95fd18c7cbac2fd107f3950c8d3627"
x-request-id: 10841664-a6cb-4187-8338-0da558e90168
x-served-by: cache-cdg20781-CDG
access-control-allow-origin: *
last-modified: Thu, 21 Apr 2022 17:56:03 GMT
server: Fastly
date: Fri, 22 Apr 2022 12:07:21 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16

GET
H2 200 controller-a0235810693cd007de228a43036c2805.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame ECBA 378 KB
93 KB 34ms
34ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-a0235810693cd007de228a43036c2805.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-f96cc2b74a3cf73569733f3ab405d00e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ef9c6f82a437a025730b2d956eef25703b28cd4921911f14b889e4fedca61fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-f96cc2b74a3cf73569733f3ab405d00e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 57
x-cache: HIT
content-length: 94918
etag: "1ad5d9b11d4df48b598109a304338811"
x-request-id: 53c302dc-890f-4f5a-bec6-757873e1725a
x-served-by: cache-cdg20781-CDG
access-control-allow-origin: *
last-modified: Thu, 21 Apr 2022 17:56:00 GMT
server: Fastly
date: Fri, 22 Apr 2022 12:07:21 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 3F49 95 KB
31 KB 106ms
63ms Script
application/javascript 2a00:1450:400c:c1b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7c510847cb0b68c4848da019c7950b1f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d9b157d7d07680e7a086016c2407b912e07a0240676e0f2519ca181db578d68

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YPTOGlZ5aBpMWxhXb5qB3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-YPTOGlZ5aBpMWxhXb5qB3w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-YPTOGlZ5aBpMWxhXb5qB3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-YPTOGlZ5aBpMWxhXb5qB3w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
expires: Fri, 22 Apr 2022 12:07:21 GMT

GET
H2 200 shared-9d3547a0824b11a7fc641f4b6e98bd8e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3F49 219 KB
54 KB 70ms
69ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7c510847cb0b68c4848da019c7950b1f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

305f91495b2be25b65c82930af0daf4cd150fb80cd35d1c76392b62fb24dd581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7c510847cb0b68c4848da019c7950b1f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 57
x-cache: HIT
content-length: 55202
etag: "8e95fd18c7cbac2fd107f3950c8d3627"
x-request-id: 949e21a9-0ab2-4a3f-b84a-3608cdac0245
x-served-by: cache-cdg20781-CDG
access-control-allow-origin: *
last-modified: Thu, 21 Apr 2022 17:56:03 GMT
server: Fastly
date: Fri, 22 Apr 2022 12:07:21 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17

GET
H2 200 payment-request-inner-google-pay-fc381c64f8a4e017ee78b0a9e5a1f215.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3F49 13 KB
4 KB 70ms
70ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-fc381c64f8a4e017ee78b0a9e5a1f215.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-7c510847cb0b68c4848da019c7950b1f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

039571e227a5832dad1268c33d53aecd640bef54c0dc685edab6cb07fa2b5110

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-7c510847cb0b68c4848da019c7950b1f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 14
x-cache: HIT
content-length: 4368
etag: "4151c4aaaf8b707b78093a3956fcac05"
x-request-id: 8f93d2a4-648a-45b1-86f0-24ccb539dd47
x-served-by: cache-cdg20781-CDG
access-control-allow-origin: *
last-modified: Thu, 14 Apr 2022 18:18:46 GMT
server: Fastly
date: Fri, 22 Apr 2022 12:07:21 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 shared-9d3547a0824b11a7fc641f4b6e98bd8e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0D1C 219 KB
54 KB 70ms
69ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-62750e02d90efc72cb44f626bc945e99.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

305f91495b2be25b65c82930af0daf4cd150fb80cd35d1c76392b62fb24dd581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-62750e02d90efc72cb44f626bc945e99.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 57
x-cache: HIT
content-length: 55202
etag: "8e95fd18c7cbac2fd107f3950c8d3627"
x-request-id: d8600a35-cc00-49d0-9208-076811d9c431
x-served-by: cache-cdg20781-CDG
access-control-allow-origin: *
last-modified: Thu, 21 Apr 2022 17:56:03 GMT
server: Fastly
date: Fri, 22 Apr 2022 12:07:21 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18

GET
H2 200 payment-request-inner-browser-436d46ec490a57fe21000b2c2edf4ad7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0D1C 11 KB
4 KB 70ms
70ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-436d46ec490a57fe21000b2c2edf4ad7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-62750e02d90efc72cb44f626bc945e99.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

df186551fdaf87b6db719eec7a8d1f0a6349b3b60cff29bd8914595566648733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-62750e02d90efc72cb44f626bc945e99.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 37
x-cache: HIT
content-length: 4070
etag: "0aed886efc0df70c2ab6647f321bb463"
x-request-id: f61189de-1748-4db8-bbfa-677e090b38a0
x-served-by: cache-cdg20781-CDG
access-control-allow-origin: *
last-modified: Tue, 19 Apr 2022 18:35:06 GMT
server: Fastly
date: Fri, 22 Apr 2022 12:07:21 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 51ms
15ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=18707551&t=pageview&_s=1&dl=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&ul=en-us&de=UTF-8&dt=POP%20Headband%20-%20Hellberg%20Sales%20and%20Service%3A%20Clear%20and%20Sound%20Solutions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1199526932&gjid=1405422379&cid=1826048250.1650629242&tid=UA-219644744-1&_gid=1116988039.1650629242&_r=1&gtm=2ou4k0&did=dZTNiMT&gdid=dZTNiMT&z=130583221

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellbergsalesandservice.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 12:07:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hellbergsalesandservice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 33ms
16ms Ping
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-98L05XDXTY&gtm=2oe4k0&_p=18707551&_z=ccd.NbB&cid=1826048250.1650629242&gdid=dZTNiMT&ul=en-us&sr=1600x1200&_s=1&sid=1650629241&sct=1&seg=0&dl=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&dt=POP%20Headband%20-%20Hellberg%20Sales%20and%20Service%3A%20Clear%20and%20Sound%20Solutions&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98L05XDXTY&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 12:07:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hellbergsalesandservice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/950131311/ 2 KB
1 KB 38ms
21ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/950131311/?random=1650629241580&cv=9&fst=1650629241580&num=1&value=0&label=-WFICNGi86kDEO-0h8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&tiba=POP%20Headband%20-%20Hellberg%20Sales%20and%20Service%3A%20Clear%20and%20Sound%20Solutions&auid=306439661.1650629241&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

8fd808c2a8bcd944c9ccb359ffe919b591d19d9dbf64753d39c3dbb8a8140993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1322
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 7073 930 B
2 KB 58ms
9ms Document
text/html 2600:9000:2156:3600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8828f6fcad654313f23d9a7d1f1eb715.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 22 Apr 2022 12:06:46 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
x-amz-cf-id: v_GXDVcfD8HcC17QSGeKe-VVeDl0RTwyxtawaA2TbB-UuUnuiRUqVg==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 231 B
655 B 40ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hellbergsalesandservice.com&callback=_gfp_s_&client=ca-pub-2840710490826089

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2840710490826089&plah=hellbergsalesandservice.com&bust=31067205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e117523cb4f7fea4fbc9bccb65b245f3cabe0bac611bd3862a6b1d016ef80693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 211
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hellbergsalesandservice.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hellbergsalesandservice.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F5F8 246 KB
63 KB 540ms
524ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840710490826089&output=html&adk=1812271804&adf=3025194257&lmt=1650629241&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650629241302&bpp=2&bdt=339&idt=323&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7798177278164&frm=20&pv=2&ga_vid=1826048250.1650629242&ga_sid=1650629242&ga_hid=18707551&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067205&oid=2&pvsid=4294429441041095&pem=854&tmod=1786020300&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=346

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a63de32818893adf1469b13ec41df0462d3eb2b011b5a014f5925387aafdbc2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellbergsalesandservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 64972
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 12:07:22 GMT
expires: Fri, 22 Apr 2022 12:07:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7073 0
120 B 389ms
320ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
x-envoy-upstream-service-time: 2
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 bootstrap-4.3.1.min.css
cdn.remotecompany.com/ml/bootstrap/css/ Frame 9D90 152 KB
24 KB 133ms
86ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.remotecompany.com/ml/bootstrap/css/bootstrap-4.3.1.min.css
Requested by: Host: static.mailerlite.com
URL: https://static.mailerlite.com/data/a/3096/3096649/webforms/u5f0i6/3966/3966835/page.html?v=1650629241
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2f351631f19a94a51c59c1d56abf5f8c29e4254bb15c2cb31d9c406cde48b11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.mailerlite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 340
access-control-allow-methods: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 22 Apr 2022 12:01:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20zT3l0T7BWMivsbMEW0ZhlY1n6LtptwCvHQi7Iz41%2FNVvKk1%2B6rIH4vZ35dW%2FbEREcwIhkD4CrsLWlckGI2f1agyhw20MP562KSkXxY0jxN42wo%2B3fqkzojs3NehAWPX8OcoAxpxc1aCOW3nfOlRNIVvTw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 6ffe3d18f86c3762-MXP

GET
H2 200 jquery-3.3.1.slim.min.js Show response
cdn.remotecompany.com/ml/jquery/ Frame 9D90 68 KB
25 KB 102ms
56ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.remotecompany.com/ml/jquery/jquery-3.3.1.slim.min.js
Requested by: Host: static.mailerlite.com
URL: https://static.mailerlite.com/data/a/3096/3096649/webforms/u5f0i6/3966/3966835/page.html?v=1650629241
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a37c6f7d5a009da940943dc23de6ede50599df22dda28346aeebb4649bd9cb45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.mailerlite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 352
access-control-allow-methods: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 22 Apr 2022 12:01:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQFuPFuUr8b2kM4fhfwASm37uacay%2B5tWkrHL%2B1CWFQUlUlpL2Y6S891MXGW20pFelAH6nd5ML7q7PJuOp4ITM5ye3msn6oO6Q3j8PA2FT%2BQhxQ8C84yroj83vLnKXQR9PRnvH2NkVU5GSVl25OJZ5yqDlg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 6ffe3d18f8733762-MXP

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ Frame 9D90 21 KB
7 KB 49ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: static.mailerlite.com
URL: https://static.mailerlite.com/data/a/3096/3096649/webforms/u5f0i6/3966/3966835/page.html?v=1650629241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.mailerlite.com/
Origin: https://static.mailerlite.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1328413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDjbmKQ4%2FaVTFxMIwAdXmhZQCPM628hlb4Kl%2FALaQn3KZB%2F7iouSmBUKsAeAX0a9KaGd6MNJiax%2FIdz4OxtcOCBubVSCFehrzuoB%2BIEiIK0%2FfrnC1zMQAIS1JXc1zmhjSm6PXVi8ALqkseEe%2B%2F31ArHr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ffe3d18dedacc4e-ZRH
expires: Wed, 12 Apr 2023 12:07:21 GMT

GET
H2 200 bootstrap-4.3.1.min.js Show response
cdn.remotecompany.com/ml/bootstrap/js/ Frame 9D90 57 KB
16 KB 122ms
76ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.remotecompany.com/ml/bootstrap/js/bootstrap-4.3.1.min.js
Requested by: Host: static.mailerlite.com
URL: https://static.mailerlite.com/data/a/3096/3096649/webforms/u5f0i6/3966/3966835/page.html?v=1650629241
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e184f406380108ed797bf9d0eebd49b314d360f89882aee36ae771924a412e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.mailerlite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1601
access-control-allow-methods: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 22 Apr 2022 11:40:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZWd26w2WdFWKs3negKLcz2gJkUIfK3Hm%2FIukXgA%2B03kIORrpa%2BGhwnokRwBDCcQ9K1IxxXqTYNKDvFqHY7HFN0YRnliqn9Ru6OBz2mmUYfDd4pzcsjZ6YPPWUXtZ2EzzQce5Mhebs%2FLx%2B7vvmxWJEIFmOU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 6ffe3d18f8723762-MXP

GET
H2 200 webforms.min.js Show response
static.mailerlite.com/js/w/ Frame 9D90 8 KB
2 KB 29ms
28ms Script
application/javascript 2606:4700:4400::ac40:9996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mailerlite.com/js/w/webforms.min.js?v0c75f831c56857441820dcec3163967c

Requested by

Host: static.mailerlite.com
URL: https://static.mailerlite.com/data/a/3096/3096649/webforms/u5f0i6/3966/3966835/page.html?v=1650629241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9996 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3e687bb3113c8813f3aff4fc5b1026de59036adba2a5d6983b2e34e759fac66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.mailerlite.com/data/a/3096/3096649/webforms/u5f0i6/3966/3966835/page.html?v=1650629241
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

cf-ray: 6ffe3d18a9de021d-ZRH
date: Fri, 22 Apr 2022 12:07:21 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 20 Apr 2022 08:53:54 GMT
server: cloudflare
age: 1737
etag: W/"625fca22-20ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=432000
strict-transport-security: max-age=63072000
content-encoding: br
expires: Wed, 27 Apr 2022 12:07:21 GMT

GET
H2 200 import.css
static.mailerlite.com/assets/plugins/groot/modules/includes/groot_fonts/ Frame 9D90 1 KB
527 B 43ms
42ms Stylesheet
text/css 2606:4700:4400::ac40:9996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mailerlite.com/assets/plugins/groot/modules/includes/groot_fonts/import.css?version=1642775

Requested by

Host: static.mailerlite.com
URL: https://static.mailerlite.com/data/a/3096/3096649/webforms/u5f0i6/3966/3966835/page.html?v=1650629241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9996 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

661df990b4174d442ab319411b1521a5be47d5162eb9cd2428f91ff21f85ffd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.mailerlite.com/data/a/3096/3096649/webforms/u5f0i6/3966/3966835/page.html?v=1650629241
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

cf-ray: 6ffe3d18a9dc021d-ZRH
date: Fri, 22 Apr 2022 12:07:21 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 20 Apr 2022 08:51:32 GMT
server: cloudflare
age: 6257
etag: W/"625fc994-406"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=432000
strict-transport-security: max-age=63072000
content-encoding: br
expires: Wed, 27 Apr 2022 12:07:21 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 9D90 850 B
968 B 40ms
18ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: static.mailerlite.com
URL: https://static.mailerlite.com/data/a/3096/3096649/webforms/u5f0i6/3966/3966835/page.html?v=1650629241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

631dd665d698d6f57e419ac9a7de2153e0002a255a1db8dea40da318fad21260

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.mailerlite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Fri, 22 Apr 2022 12:07:21 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 344ms
303ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2

200

/
www.google.de/pagead/1p-conversion/950131311/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950131311/?random=130273201&cv=9&fst=1650629241580&num=1&value=0&label=-WFICNGi86kDEO-0h8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/950131311/?random=130273201&cv=9&fst=1650629241580&num=1&value=0&label=-WFICNGi86kDEO-0h8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.de/pagead/1p-conversion/950131311/?random=130273201&cv=9&fst=1650629241580&num=1&value=0&label=-WFICNGi86kDEO-0h8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...

42 B
548 B

47ms
24ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/950131311/?random=130273201&cv=9&fst=1650629241580&num=1&value=0&label=-WFICNGi86kDEO-0h8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&tiba=POP%20Headband%20-%20Hellberg%20Sales%20and%20Service%3A%20Clear%20and%20Sound%20Solutions&auid=306439661.1650629241&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eZpiYpz7JYKG9fgPuLqtqAI&eitems=ChAI8KSJkwYQqbK09dW3_fMnEh0A5p-hFRy28gwCZRPWpxxbaYLa_9zC_v1wgVykUg&random=3579614658&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hCy56fvsS6WdQQt-KmghSqu2kqTjgjYbPFHPwO63DhPTlbs7aUJApPS68sBbETAGX9kFaPjzUZnqL2dUEZK6asg

Requested by

Protocol

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 12:07:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Apr 2022 12:07:21 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/950131311/?random=130273201&cv=9&fst=1650629241580&num=1&value=0&label=-WFICNGi86kDEO-0h8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&tiba=POP%20Headband%20-%20Hellberg%20Sales%20and%20Service%3A%20Clear%20and%20Sound%20Solutions&auid=306439661.1650629241&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eZpiYpz7JYKG9fgPuLqtqAI&eitems=ChAI8KSJkwYQqbK09dW3_fMnEh0A5p-hFRy28gwCZRPWpxxbaYLa_9zC_v1wgVykUg&random=3579614658&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hCy56fvsS6WdQQt-KmghSqu2kqTjgjYbPFHPwO63DhPTlbs7aUJApPS68sBbETAGX9kFaPjzUZnqL2dUEZK6asg
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 7073 86 KB
14 KB 16ms
15ms Script
text/javascript 2600:9000:2156:3600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:3600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 224
x-cache: Hit from cloudfront
date: Fri, 22 Apr 2022 12:03:42 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: aFGNbPDjGdNtkUwmzxo04Yo4U9weXje4wePh7q9VqcOipjd62_AxQA==

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 304ms
304ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 303ms
303ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 302ms
302ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 300ms
300ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 300ms
300ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 300ms
300ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 299ms
299ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 298ms
298ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 297ms
297ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 298ms
298ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame C933 18 KB
7 KB 110ms
71ms Document
text/html 2a00:1450:400c:c1b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5fc45bacdf1657dd2df04a8b5edfc34b4c83b3a9e18d7dbe3edf0de51398fb9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yRGsItA+pXwfdn9eYis5eQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-yRGsItA+pXwfdn9eYis5eQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-yRGsItA+pXwfdn9eYis5eQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-yRGsItA+pXwfdn9eYis5eQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy: same-site
date: Fri, 22 Apr 2022 12:07:21 GMT
expires: Fri, 22 Apr 2022 12:07:21 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 272ms
272ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame C933 2 KB
2 KB 19ms
19ms Other
text/html 2a00:1450:400c:c1b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c1b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H2 200 6 Show response
m.stripe.com/ Frame 7073 156 B
522 B 482ms
163ms XHR
application/json 54.148.197.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.197.171 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-197-171.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a180bc59f6bd620fd823742e7f2938b573bc63af547088e796a5f3ca4aa956c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 jquery.min.js Show response
cdn.mailerlite.com/ajax/libs/jquery/1.8.3/ Frame 9D90 91 KB
34 KB 33ms
32ms Script
application/javascript 2606:4700:4400::ac40:9996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mailerlite.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/w/webforms.min.js?v0c75f831c56857441820dcec3163967c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9996 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.mailerlite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2987
last-modified: Thu, 31 Mar 2022 13:37:35 GMT
server: cloudflare
etag: W/"6245ae9f-16dc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 6ffe3d1a2c96021d-ZRH
expires: Wed, 27 Apr 2022 12:07:21 GMT

GET
H2 200 css
fonts.mailerlite.com/ Frame 9D90 165 KB
7 KB 109ms
107ms Stylesheet
text/css 2606:4700:4400::ac40:9996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Requested by: Host: static.mailerlite.com
URL: https://static.mailerlite.com/assets/plugins/groot/modules/includes/groot_fonts/import.css?version=1642775
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9996 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e0f94c01fa36109ac15278891609346dacfce735bc6497401bd7e31df55be10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.mailerlite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
cf-ray: 6ffe3d1a2ca6021d-ZRH

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame C933 148 KB
52 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfri8reUhrPa32bi7c6o7wBHuQ7ESnA/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78f75d86ac3cb8fc4e54ac0aaa38d72e6064c07aaf900cbbae41b4edd83a6a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 17:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52930
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 13:44:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 17:08:27 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.iRG... Frame C933 77 KB
28 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.iRGKty8UOIM.L.B1.O/am=DAAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfria0Q6U4LZAw5DjDA8h-S3_3dLTyA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfri8reUhrPa32bi7c6o7wBHuQ7ESnA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6fff41cc7237157d027108f0eff7b36eafef45f20a873bdb5d9602a46294514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 17:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28618
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 22:39:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 17:08:27 GMT

GET
H2 200 ml_jQuery.inputmask.bundle.min.js Show response
static.mailerlite.com/js/w/ Frame 9D90 69 KB
21 KB 38ms
38ms Script
application/javascript 2606:4700:4400::ac40:9996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mailerlite.com/js/w/ml_jQuery.inputmask.bundle.min.js?v3.3.1

Requested by

Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/w/webforms.min.js?v0c75f831c56857441820dcec3163967c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9996 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c77ae965196f7308b827ce8cef39758740e9652e49958d866454ca1967e03dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.mailerlite.com/data/a/3096/3096649/webforms/u5f0i6/3966/3966835/page.html?v=1650629241
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

cf-ray: 6ffe3d1a9d7d021d-ZRH
date: Fri, 22 Apr 2022 12:07:22 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 20 Apr 2022 08:53:54 GMT
server: cloudflare
age: 2162
etag: W/"625fca22-1153a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=432000
strict-transport-security: max-age=63072000
content-encoding: br
expires: Wed, 27 Apr 2022 12:07:22 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame C933 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.iRGKty8UOIM.L.B1.O/am=DAAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfria0Q6U4LZAw5DjDA8h-S3_3dLTyA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1952
date: Fri, 22 Apr 2022 11:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 22 Apr 2022 13:34:50 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame C933 1 MB
346 KB 70ms
70ms XHR
text/html 2a00:1450:400c:c1b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfri8reUhrPa32bi7c6o7wBHuQ7ESnA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8775340180ca24e6332fb43a49633c31b805efb097f65b3800a3e664b7fce982

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IHaLyEvcOuJqYoQL6IIRHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-IHaLyEvcOuJqYoQL6IIRHw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
date: Fri, 22 Apr 2022 12:07:22 GMT
x-frame-options: DENY
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-IHaLyEvcOuJqYoQL6IIRHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-IHaLyEvcOuJqYoQL6IIRHw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Fri, 22 Apr 2022 12:07:22 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ Frame 9D90 364 KB
144 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4d47dd6793fe24c23ab3c34f630ce5d0f42ef12a9e19eabd2fba286296647e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.mailerlite.com/
Origin: https://static.mailerlite.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 11:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147479
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 04:06:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 11:59:22 GMT

GET
H2 200 f95beaa4588e8998b6e8d131e31bedb4f3574821.png
bucket.mlcdn.com/a/3096/3096649/images/ Frame 9D90 731 KB
732 KB 55ms
23ms Image
image/webp 2606:4700:10::6816:7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.mlcdn.com/a/3096/3096649/images/f95beaa4588e8998b6e8d131e31bedb4f3574821.png
Requested by: Host: static.mailerlite.com
URL: https://static.mailerlite.com/data/a/3096/3096649/webforms/u5f0i6/3966/3966835/page.html?v=1650629241
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e4df625ca09eb3827efc1f33d961efd04b1557c4d6a4aaf235e89041412480f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.mailerlite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
cf-cache-status: HIT
age: 1733
cf-polished: origFmt=png, origSize=1153637
cf-ray: 6ffe3d1b2b46cc3e-ZRH
content-disposition: inline; filename="f95beaa4588e8998b6e8d131e31bedb4f3574821.webp"
content-length: 748380
x-amz-id-2: r5vJLNX4C8p+2bwqBQ35SrobI3t+ZqJ9V5Sx9eqJDGhjfklE7gs5tXywnO+kpCmPhetR3QsvjLI=
last-modified: Wed, 21 Apr 2021 21:26:52 GMT
server: cloudflare
etag: "c1edca69ad3ef878c0dc54fc4f49903e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: 77C4Q90ARV3GB1CJ
cache-control: max-age=691200
x-amz-version-id: null
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.mailerlite.com/fonts/s/poppins/v19/ Frame 9D90 8 KB
8 KB 70ms
37ms Font
font/woff2 2606:4700:4400::ac40:9996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.mailerlite.com/fonts/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9996 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Origin: https://static.mailerlite.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1307971
content-length: 7884
last-modified: Wed, 26 Jan 2022 19:17:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ffe3d1b294f0215-ZRH
expires: Sat, 22 Apr 2023 12:07:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.mailerlite.com/fonts/s/roboto/v29/ Frame 9D90 15 KB
16 KB 64ms
36ms Font
font/woff2 2606:4700:4400::ac40:9996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.mailerlite.com/fonts/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9996 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Origin: https://static.mailerlite.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1307910
content-length: 15828
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ffe3d1b29590215-ZRH
expires: Sat, 22 Apr 2023 12:07:22 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.mailerlite.com/fonts/s/poppins/v19/ Frame 9D90 8 KB
8 KB 60ms
36ms Font
font/woff2 2606:4700:4400::ac40:9996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.mailerlite.com/fonts/s/poppins/v19/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9996 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Origin: https://static.mailerlite.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1307971
content-length: 7816
last-modified: Wed, 26 Jan 2022 19:11:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ffe3d1b29540215-ZRH
expires: Sat, 22 Apr 2023 12:07:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.mailerlite.com/fonts/s/roboto/v29/ Frame 9D90 15 KB
15 KB 74ms
52ms Font
font/woff2 2606:4700:4400::ac40:9996
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.mailerlite.com/fonts/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9996 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Origin: https://static.mailerlite.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1307931
content-length: 15688
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ffe3d1b29520215-ZRH
expires: Sat, 22 Apr 2023 12:07:22 GMT

POST
H3 200 log Show response
play.google.com/ Frame C933 131 B
155 B 39ms
25ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfri8reUhrPa32bi7c6o7wBHuQ7ESnA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 22 Apr 2022 12:07:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
17ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 22 Apr 2022 12:07:22 GMT
expires: Fri, 22 Apr 2022 12:07:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C933 131 B
155 B 30ms
16ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfri8reUhrPa32bi7c6o7wBHuQ7ESnA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 22 Apr 2022 12:07:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 37ms
18ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 22 Apr 2022 12:07:22 GMT
expires: Fri, 22 Apr 2022 12:07:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C933 131 B
155 B 31ms
17ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfri8reUhrPa32bi7c6o7wBHuQ7ESnA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 22 Apr 2022 12:07:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 31ms
17ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 22 Apr 2022 12:07:22 GMT
expires: Fri, 22 Apr 2022 12:07:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C933 131 B
155 B 31ms
16ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfri8reUhrPa32bi7c6o7wBHuQ7ESnA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 22 Apr 2022 12:07:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 25ms
16ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 22 Apr 2022 12:07:22 GMT
expires: Fri, 22 Apr 2022 12:07:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C933 131 B
155 B 35ms
21ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfri8reUhrPa32bi7c6o7wBHuQ7ESnA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 22 Apr 2022 12:07:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 21ms
17ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 22 Apr 2022 12:07:22 GMT
expires: Fri, 22 Apr 2022 12:07:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.iRG... Frame C933 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.iRGKty8UOIM.L.B1.O/am=DAAC/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfria0Q6U4LZAw5DjDA8h-S3_3dLTyA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfri8reUhrPa32bi7c6o7wBHuQ7ESnA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7365371a15c90f4fad5ce73db0143325579f90af5ddcddf80d07879e00bafa52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 17:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7448
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 22:39:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 17:08:27 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.iRG... Frame C933 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.iRGKty8UOIM.L.B1.O/am=DAAC/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfria0Q6U4LZAw5DjDA8h-S3_3dLTyA/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfri8reUhrPa32bi7c6o7wBHuQ7ESnA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a761272fd9d6f72fe1a8bbbeb3191dcc4377f2bb992d26aeea4e257393b5df7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 17:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14138
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 22:39:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 17:08:27 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C0EF 43 KB
22 KB 28ms
28ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9zdGF0aWMubWFpbGVybGl0ZS5jb206NDQz&hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&size=normal&cb=3ptunsmmp14b

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

51edb462367ca9fab50ed4ab9b774955dacb067cf0137568f850474f85ba727e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z9Xuuv6HrHvpA+zBkPKYcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.mailerlite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22814
content-security-policy: script-src 'report-sample' 'nonce-z9Xuuv6HrHvpA+zBkPKYcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 12:07:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 log Show response
play.google.com/ Frame C933 131 B
155 B 33ms
32ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfri8reUhrPa32bi7c6o7wBHuQ7ESnA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 22 Apr 2022 12:07:22 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 30ms
14ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 22 Apr 2022 12:07:22 GMT
expires: Fri, 22 Apr 2022 12:07:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 163ms
162ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 162ms
162ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 163ms
162ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 162ms
161ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 elements-inner-payment-request-15efc61e4aebb6e0ac67d7a3c44acc3a.html Show response
js.stripe.com/v3/ Frame E6E6 829 B
930 B 16ms
15ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-15efc61e4aebb6e0ac67d7a3c44acc3a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2eaa824c57c8fc4e19d166ed7c300f14d07e264faf23e71cbde5407b9384d8a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellbergsalesandservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 65358
cache-control: max-age=31536000
content-encoding: br
content-length: 311
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 22 Apr 2022 12:07:22 GMT
etag: "15efc61e4aebb6e0ac67d7a3c44acc3a"
last-modified: Thu, 21 Apr 2022 17:56:18 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 653
x-content-type-options: nosniff
x-request-id: d44f7a81-6005-4b0e-9f11-3969623e13ea
x-served-by: cache-cdg20781-CDG

POST
H3 200 log Show response
play.google.com/ Frame C933 131 B
155 B 16ms
16ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.hpG4i_psPB8.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfri8reUhrPa32bi7c6o7wBHuQ7ESnA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 22 Apr 2022 12:07:22 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 296ms
295ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 296ms
296ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame E6E6 0
346 B 281ms
280ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/product/pop-headband/?utm_source=newsletter&utm_medium=email&utm_campaign=hellberg_new_product_announcement&utm_term=2022-04-22
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 1
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ Frame C0EF 51 KB
24 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9zdGF0aWMubWFpbGVybGl0ZS5jb206NDQz&hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&size=normal&cb=3ptunsmmp14b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 11:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 04:06:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 11:26:57 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ Frame C0EF 364 KB
144 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4d47dd6793fe24c23ab3c34f630ce5d0f42ef12a9e19eabd2fba286296647e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 11:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147479
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 04:06:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 11:59:22 GMT

GET
H2 200 ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css
js.stripe.com/v3/fingerprinted/css/ Frame E6E6 15 KB
3 KB 16ms
16ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-46e93b3755a485133d7e5e7e1db48eaf.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-15efc61e4aebb6e0ac67d7a3c44acc3a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d9f33ed9fdd936a670993b9a8e6ca44e7a358d0f7b217b6c6638b502f66a8015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-15efc61e4aebb6e0ac67d7a3c44acc3a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 38
x-cache: HIT
content-length: 2474
etag: "7c0a4ba6a732ed01cc27774f97bbe8bd"
x-request-id: 300b2701-9b69-4f7e-bd03-aaba34494391
x-served-by: cache-cdg20781-CDG
access-control-allow-origin: *
last-modified: Wed, 12 Jan 2022 18:02:17 GMT
server: Fastly
date: Fri, 22 Apr 2022 12:07:22 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 elements-inner-payment-request-abd2b5dfc862df7687f0bde35b5d6f0f.css
js.stripe.com/v3/fingerprinted/css/ Frame E6E6 7 KB
2 KB 80ms
79ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-abd2b5dfc862df7687f0bde35b5d6f0f.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-15efc61e4aebb6e0ac67d7a3c44acc3a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

79bcb9949cc0712cc735cbd2777724653e11ce0dac3e93e03b237b94757d4bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-15efc61e4aebb6e0ac67d7a3c44acc3a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 12
x-cache: HIT
content-length: 1474
etag: "306b18c070c36050e39ae6989acb2812"
x-request-id: 03bb2a3f-a539-4f76-8575-a5e4f7daec8f
x-served-by: cache-cdg20781-CDG
access-control-allow-origin: *
last-modified: Tue, 08 Mar 2022 20:28:40 GMT
server: Fastly
date: Fri, 22 Apr 2022 12:07:22 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 shared-9d3547a0824b11a7fc641f4b6e98bd8e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E6E6 219 KB
54 KB 24ms
24ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-15efc61e4aebb6e0ac67d7a3c44acc3a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

305f91495b2be25b65c82930af0daf4cd150fb80cd35d1c76392b62fb24dd581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-15efc61e4aebb6e0ac67d7a3c44acc3a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 58
x-cache: HIT
content-length: 55202
etag: "8e95fd18c7cbac2fd107f3950c8d3627"
x-request-id: 57328949-7714-4949-b663-f51887abd0a1
x-served-by: cache-cdg20781-CDG
access-control-allow-origin: *
last-modified: Thu, 21 Apr 2022 17:56:03 GMT
server: Fastly
date: Fri, 22 Apr 2022 12:07:22 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19

GET
H2 200 ui-shared-c42573dd9c7874f1be85c1f6a40e9847.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E6E6 215 KB
61 KB 24ms
23ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-c42573dd9c7874f1be85c1f6a40e9847.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-15efc61e4aebb6e0ac67d7a3c44acc3a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a77dde98b819b7bb2b0c5d185d0f04c1081838276076a953fd4eef641ea1e5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-15efc61e4aebb6e0ac67d7a3c44acc3a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 5
x-cache: HIT
content-length: 62551
etag: "79d59ce2c4116d906d403e0a2fd0c0c6"
x-request-id: daa833af-26eb-4aa7-b481-b36f6b51853d
x-served-by: cache-cdg20781-CDG
access-control-allow-origin: *
last-modified: Tue, 19 Apr 2022 18:35:00 GMT
server: Fastly
date: Fri, 22 Apr 2022 12:07:22 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 elements-inner-payment-request-2bc8354c86a9c13dd9ae24be7f24abb6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E6E6 44 KB
13 KB 118ms
118ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-2bc8354c86a9c13dd9ae24be7f24abb6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-15efc61e4aebb6e0ac67d7a3c44acc3a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f250fc4e88b19c1500c338a022bf6e2d9f01d4bf61ba491f36f0151eab214e2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-15efc61e4aebb6e0ac67d7a3c44acc3a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 57
x-cache: HIT
content-length: 13177
etag: "5663f8b3a3f515f1a6211cc1aea3d9ea"
x-request-id: b696a2df-7cb8-4bdc-a146-493b64aae68e
x-served-by: cache-cdg20781-CDG
access-control-allow-origin: *
last-modified: Tue, 05 Apr 2022 17:50:18 GMT
server: Fastly
date: Fri, 22 Apr 2022 12:07:22 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/ 145 KB
51 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/reactive_library_fy2019.js?bust=31067205

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e7601b976a9a41ef881e033b97ea1ba95936bf2fc383d6de8c93bc089696bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52689
x-xss-protection: 0
server: cafe
etag: 5680780379564904189
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 12:07:22 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 40ms
26ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hellbergsalesandservice.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 40ms
25ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hellbergsalesandservice.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A72D 97 KB
34 KB 579ms
573ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840710490826089&output=html&h=280&adk=3047041060&adf=2046138633&pi=t.aa~a.3941434050~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1650629242&rafmt=1&to=qs&pwprc=9855348887&psa=0&format=1200x280&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650629242276&bpp=2&bdt=1313&idt=2&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26d639f209f7f1c6-22f691f07ecd0096%3AT%3D1650629241%3ART%3D1650629241%3AS%3DALNI_MZGugylSh8hpJZ2Das2N_0cMeoVZg&prev_fmts=0x0&nras=2&correlator=7798177278164&frm=20&pv=1&ga_vid=1826048250.1650629242&ga_sid=1650629242&ga_hid=18707551&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067205&oid=2&pvsid=4294429441041095&pem=854&tmod=1786020300&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=aJ3xyo2k5C&p=https%3A//hellbergsalesandservice.com&dtd=39

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8306a84dae66a80fe39f1699a1bacabfd075b5b84fb45e6d3ac2e65ebfa730f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellbergsalesandservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34748
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 12:07:23 GMT
expires: Fri, 22 Apr 2022 12:07:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C0EF 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C0EF 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C0EF 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 59233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 28 Apr 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C0EF 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 241241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Apr 2023 17:06:41 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/ Frame 8634 10 KB
4 KB 11ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellbergsalesandservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 23:14:41 GMT
etag: 14837630671339829333
expires: Thu, 05 May 2022 23:14:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/ Frame BDE2 10 KB
4 KB 11ms
8ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellbergsalesandservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 23:14:41 GMT
etag: 14837630671339829333
expires: Thu, 05 May 2022 23:14:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame C0EF 102 B
134 B 16ms
16ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

20b97f4764680efdd44b021cb57bfb2b93850d0aaf8af024986393b0cb80f2d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9zdGF0aWMubWFpbGVybGl0ZS5jb206NDQz&hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&size=normal&cb=3ptunsmmp14b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 22 Apr 2022 12:07:22 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame ACBE 7 KB
1 KB 21ms
21ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

75e891f33a08511b948b1e3a0ca871538d3068c5e60a1e473764f9151e5f18e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UAbbzMtVUeut5Ec97j4uog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.mailerlite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1112
content-security-policy: script-src 'report-sample' 'nonce-UAbbzMtVUeut5Ec97j4uog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 12:07:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css2
fonts.googleapis.com/ Frame 8634 4 KB
634 B 45ms
28ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 11:58:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Apr 2022 12:07:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Apr 2022 12:07:22 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8634 205 B
229 B 7ms
7ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:05:10 GMT
x-content-type-options: nosniff
age: 132
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Apr 2023 12:05:10 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8634 604 B
628 B 8ms
7ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 10:22:53 GMT
x-content-type-options: nosniff
age: 6269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Apr 2023 10:22:53 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/ Frame 8634 19 KB
9 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 13275616604445095965
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 12:06:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BDE2 0
0 54ms
54ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CB2UceZpiYs-2K57QtwepiKrIC_acr8Fo8LCkvvIPhN_9rZYOEAEgzMaDkAFgleKQgqAHoAH25pXmA8gBAqkCkmz4C7Mgsj6oAwHIA8kEqgSDAk_QtIJLk50jaapOHHnd7OP2_XqX1NGpcK3UNUcH48KgGYUMOs8AGisRI17k1Ak8HQa5Byl9uhdpD7mrwW-7tBsx21QHPgBxxVQw9c-r3mEmtV51aqSMBcGRDwpz2Hxi8gEQOZTBIm-Xi2j9MuTB0yaqHVPc0FX-NKrxHmM_UyHydSW_GneM3A6kN0ixTEK7rt80Q7Lwr4LuoTXd6zXOtih_jxZ4k1jKJmeZp4j_1_olO7h4fjVXI6m8sKIwMRC7yBHn5ekXkTzn285Q_SrvlohppECS_tqb32KyarVfFsyBZ3d_5Rmt-hx8NsR2tEXh9gvDAMwEimlGpBLeZ-2I5Vf2bXvABIKxhsXfA5IFBAgEGAGSBQQIBRgEoAYCgAfymOoZqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqJIm0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTI4NDA3MTA0OTA4MjYwODkYAA&sigh=Z2Z10_Nj44I&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 22 Apr 2022 12:07:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Apr 2022 12:07:22 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame BDE2 19 KB
8 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 12:05:39 GMT

GET
H2 200 11647291418066247518
tpc.googlesyndication.com/simgad/ Frame BDE2 35 KB
35 KB 36ms
21ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11647291418066247518?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnNt3F8pey86VIerPr67J4i6L-a6w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0894a2c339457b7bc4aa93d81b80480913a793d68198c6a97be63c836258ed03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 09:13:18 GMT
x-content-type-options: nosniff
age: 183244
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35380
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 08:11:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Apr 2023 09:13:18 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame BDE2 3 KB
1 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 12:02:45 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame BDE2 15 KB
6 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 12:02:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BDE2 119 KB
37 KB 54ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Apr 2022 12:07:22 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame BDE2 30 KB
12 KB 32ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b908eeefccb37c13fe231446076542ee01e22fdbc20bab5c25d6e0387d65134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 22:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12173
x-xss-protection: 0
server: cafe
etag: 1654853648874323205
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 22:48:25 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ Frame ACBE 51 KB
24 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 11:26:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 04:06:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 11:26:57 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ Frame ACBE 364 KB
144 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QENb_qRrX0-mQMyENQjD6Fuj&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4d47dd6793fe24c23ab3c34f630ce5d0f42ef12a9e19eabd2fba286296647e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 11:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147479
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 04:06:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 11:59:22 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 162ms
162ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4611 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 22 Apr 2022 11:08:15 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 162ms
162ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 css
fonts.googleapis.com/ Frame FC03 8 KB
892 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 11:54:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Apr 2022 12:07:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Apr 2022 12:07:22 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame FC03 2 KB
984 B 308ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 11:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 11:59:05 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame FC03 19 KB
8 KB 308ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 12:05:39 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame FC03 3 KB
1 KB 308ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 12:02:45 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame FC03 15 KB
6 KB 307ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 12:02:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC03 119 KB
36 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Apr 2022 12:07:22 GMT

GET
H3 200 3bde1d5944145a46a8b91d920db5ec4d.js Show response
www.gstatic.com/mysidia/ Frame FC03 30 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 10:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12194
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 10:34:11 GMT

GET
DATA 200
OK truncated
/ Frame BDE2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5707b535b1fd9bd1c1762f2dadc4c2c0f1ddf304c53771cdb178b60633f4752

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 163ms
163ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4611
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

74ms
73ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 22 Apr 2022 12:07:22 GMT
expires: Fri, 22 Apr 2022 12:07:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 22 Apr 2022 12:07:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C77 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 07:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 07:28:23 GMT

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5153 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 07:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 07:28:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A72D 8 KB
892 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840710490826089&output=html&h=280&adk=3047041060&adf=2046138633&pi=t.aa~a.3941434050~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1650629242&rafmt=1&to=qs&pwprc=9855348887&psa=0&format=1200x280&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650629242276&bpp=2&bdt=1313&idt=2&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26d639f209f7f1c6-22f691f07ecd0096%3AT%3D1650629241%3ART%3D1650629241%3AS%3DALNI_MZGugylSh8hpJZ2Das2N_0cMeoVZg&prev_fmts=0x0&nras=2&correlator=7798177278164&frm=20&pv=1&ga_vid=1826048250.1650629242&ga_sid=1650629242&ga_hid=18707551&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067205&oid=2&pvsid=4294429441041095&pem=854&tmod=1786020300&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=aJ3xyo2k5C&p=https%3A//hellbergsalesandservice.com&dtd=39

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 11:59:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Apr 2022 12:07:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Apr 2022 12:07:23 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame A72D 2 KB
904 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 11:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 11:59:05 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame A72D 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 12:06:47 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame A72D 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 12:05:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A72D 119 KB
36 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Apr 2022 12:07:23 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame A72D 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 12:02:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A72D 0
0 15ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4Vubhew6CdYNbX-TKhfn6losV37eYR4rseORvu72kQReODY2Pi539EGMVvp7BNoFi21t6KVT9q8gniniyJWxrapo0eA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840710490826089&output=html&h=280&adk=3047041060&adf=2046138633&pi=t.aa~a.3941434050~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1650629242&rafmt=1&to=qs&pwprc=9855348887&psa=0&format=1200x280&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650629242276&bpp=2&bdt=1313&idt=2&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26d639f209f7f1c6-22f691f07ecd0096%3AT%3D1650629241%3ART%3D1650629241%3AS%3DALNI_MZGugylSh8hpJZ2Das2N_0cMeoVZg&prev_fmts=0x0&nras=2&correlator=7798177278164&frm=20&pv=1&ga_vid=1826048250.1650629242&ga_sid=1650629242&ga_hid=18707551&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067205&oid=2&pvsid=4294429441041095&pem=854&tmod=1786020300&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=aJ3xyo2k5C&p=https%3A//hellbergsalesandservice.com&dtd=39
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 3bde1d5944145a46a8b91d920db5ec4d.js Show response
www.gstatic.com/mysidia/ Frame A72D 30 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 10:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12194
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 10:34:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A72D 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CL59NeppiYueCHpfvtwff1qeoCuq-o5Bo-I2asboJ2tkeEAEgzMaDkAFgleKQgqAHoAG117fSA8gBCakC407Cjv4psj6oAwHIA8sEqgSQAk_QA0PLhq3EYKY4AISxK0B5cTZH4lakpwsD1EeaTwUQBqrGxS_dji4Lo5zMbyfVQ6zbbEFSHtkwKsUxUTEls_n5rYBBVUyCzf2XzJ7SJiBXdJE0mF4-pZkjxGPC8lzvLt9MPOfEkxWgBPWOaCMGaJi3dAQnm2ikuzMNehLbg1QgCCs7cvnJosYuRX5TyG_bR7BXw50nl3AnRxxrsPnj6jm7Nsy7hSNGlyy0mDmjXAOdqpXoU2XIfI_vb7ETWWh3EvAxOaUh021T1Q7LihZ7WhXDjBK8BvEQI-VuZJPhVnaDATvTO_4AWxC42teSrHl9Ohjlhnlxb2WHGNiLh2Xb17TODoptag8z_wJsq6sGHP45wATc94OFzQGSBQQIBBgBkgUECAUYBKAGLoAHs6jILagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFENySogTSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTI4NDA3MTA0OTA4MjYwODkYAA&sigh=rUpn-W54e_M&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840710490826089&output=html&h=280&adk=3047041060&adf=2046138633&pi=t.aa~a.3941434050~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1650629242&rafmt=1&to=qs&pwprc=9855348887&psa=0&format=1200x280&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650629242276&bpp=2&bdt=1313&idt=2&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26d639f209f7f1c6-22f691f07ecd0096%3AT%3D1650629241%3ART%3D1650629241%3AS%3DALNI_MZGugylSh8hpJZ2Das2N_0cMeoVZg&prev_fmts=0x0&nras=2&correlator=7798177278164&frm=20&pv=1&ga_vid=1826048250.1650629242&ga_sid=1650629242&ga_hid=18707551&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067205&oid=2&pvsid=4294429441041095&pem=854&tmod=1786020300&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=aJ3xyo2k5C&p=https%3A//hellbergsalesandservice.com&dtd=39
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 22 Apr 2022 12:07:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/989539313979356973/ Frame A72D 25 KB
25 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/989539313979356973/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

015573fea5888d9399b84e1d58d97d104dec34390951f0175b6668fdb41f2d6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 05:36:58 GMT
x-content-type-options: nosniff
age: 109825
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25727
x-xss-protection: 0
last-modified: Sat, 13 Apr 2019 16:34:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Apr 2023 05:36:58 GMT

GET
DATA 200
OK truncated
/ Frame A72D 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A72D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6B2A 1 KB
749 B 13ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sat, 23 Apr 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A72D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a05e37f5e54dcd057d88025656625a1e025951f4103dca550e90b2e5f44ef365

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame A72D 28 KB
28 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 222823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:13:40 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6B2A 35 B
464 B 27ms
9ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOhzw5aYazA1oWgs29DOtgM&google_cver=1&google_push=AYg5qPJ2jOF1GWZsNHM6NPiZHn31h7WwotKNJV_tdIG4tsOdWzuJzBjyPsCB7nEG8lj0IaP-z0O_BcaCB1TapRCEpsunsLHEJb3N

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 12:07:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B2A
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKZuT7M...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKZuT7M...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjIxMjA3MjQwMDAxMDgxMzE0Mzc5MA%3D%3D&google_push=AYg5qPKZuT7MMkSJ5hNH_ABdFjTmdf9PGMxLn-L-lmjLrEFqgfJuvmvZ2dvlKGeKVDd-VL...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjIxMjA3MjQwMDAxMDgxMzE0Mzc5MA%3D%3D&google_push=AYg5qPKZuT7MMkSJ5hNH_ABdFjTmdf9PGMxLn-L-lmjLrEFqgfJuvmvZ2dvlKGeKVDd-VLN5KyQgIy09Vhf8LINWR9v8pOaq825q

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 12:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjIxMjA3MjQwMDAxMDgxMzE0Mzc5MA%3D%3D&google_push=AYg5qPKZuT7MMkSJ5hNH_ABdFjTmdf9PGMxLn-L-lmjLrEFqgfJuvmvZ2dvlKGeKVDd-VLN5KyQgIy09Vhf8LINWR9v8pOaq825q
pragma: no-cache
date: Fri, 22 Apr 2022 12:07:24 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Fri, 22 Apr 2022 12:07:24 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 6B2A 43 B
356 B 33ms
16ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEOp5nyi3OECmWOBd5ZdEMDY&google_push=AYg5qPI2WBNucH9s9jvwKBsP1MR9M7QBJT2HR0DVTpmR8UYRTt_-2MCm_Rjtp_0WYUzGQCXqicG4oBnIxDhknf3LURK7djYY4FPc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840710490826089&output=html&h=280&adk=3047041060&adf=2046138633&pi=t.aa~a.3941434050~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1650629242&rafmt=1&to=qs&pwprc=9855348887&psa=0&format=1200x280&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650629242276&bpp=2&bdt=1313&idt=2&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26d639f209f7f1c6-22f691f07ecd0096%3AT%3D1650629241%3ART%3D1650629241%3AS%3DALNI_MZGugylSh8hpJZ2Das2N_0cMeoVZg&prev_fmts=0x0&nras=2&correlator=7798177278164&frm=20&pv=1&ga_vid=1826048250.1650629242&ga_sid=1650629242&ga_hid=18707551&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067205&oid=2&pvsid=4294429441041095&pem=854&tmod=1786020300&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=aJ3xyo2k5C&p=https%3A//hellbergsalesandservice.com&dtd=39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 12:07:23 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 6B2A 43 B
351 B 46ms
29ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELfm2xZnhUMxVc9dLmcCFNI&google_cver=1&google_push=AYg5qPJ-zu63qzS-ZezoVshjOwRmO1F9M75lVo0QMWI5H1WuiBiB_wzQMbv4Qf57fQEfwLDXs0Kz04AXKIY7ya1EsKB9FonZvIaW
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840710490826089&output=html&h=280&adk=3047041060&adf=2046138633&pi=t.aa~a.3941434050~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1650629242&rafmt=1&to=qs&pwprc=9855348887&psa=0&format=1200x280&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650629242276&bpp=2&bdt=1313&idt=2&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26d639f209f7f1c6-22f691f07ecd0096%3AT%3D1650629241%3ART%3D1650629241%3AS%3DALNI_MZGugylSh8hpJZ2Das2N_0cMeoVZg&prev_fmts=0x0&nras=2&correlator=7798177278164&frm=20&pv=1&ga_vid=1826048250.1650629242&ga_sid=1650629242&ga_hid=18707551&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067205&oid=2&pvsid=4294429441041095&pem=854&tmod=1786020300&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=aJ3xyo2k5C&p=https%3A//hellbergsalesandservice.com&dtd=39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 12:07:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: d64vvotfbh2ljfpp08lqrqcnucrvpfos

GET

pixel
cm.g.doubleclick.net/ Frame 6B2A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrn...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 6B2A 43 B
296 B 226ms
19ms Image
image/gif 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIWdzt8UXgUMrLlJ3fktCw4&google_cver=1&google_push=AYg5qPKAw4MHdTriEQ6XQPyRneUXUaQ4RE_2OYwY1I2s6pTre4NyC03Riu439QWPcilV5QtQrRwC3diOA-Xk24LPyMchtUEiE7Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2840710490826089&output=html&h=280&adk=3047041060&adf=2046138633&pi=t.aa~a.3941434050~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1650629242&rafmt=1&to=qs&pwprc=9855348887&psa=0&format=1200x280&url=https%3A%2F%2Fhellbergsalesandservice.com%2Fproduct%2Fpop-headband%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dhellberg_new_product_announcement%26utm_term%3D2022-04-22&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650629242276&bpp=2&bdt=1313&idt=2&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D26d639f209f7f1c6-22f691f07ecd0096%3AT%3D1650629241%3ART%3D1650629241%3AS%3DALNI_MZGugylSh8hpJZ2Das2N_0cMeoVZg&prev_fmts=0x0&nras=2&correlator=7798177278164&frm=20&pv=1&ga_vid=1826048250.1650629242&ga_sid=1650629242&ga_hid=18707551&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067205&oid=2&pvsid=4294429441041095&pem=854&tmod=1786020300&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=aJ3xyo2k5C&p=https%3A//hellbergsalesandservice.com&dtd=39
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 12:07:23 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 6B2A 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6B2A 0
232 B 38ms
15ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1h8X5gPiHE8bosBhiDZerDAVNK0s7ykKVzdm0u7SWZi9ltdRleTFZiecM_qfF_JSnJuLemw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 36ms
21ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220420&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af922b9fa90f0b97a156c2159d60afe2c367bd83b7ca9a9a3c17b9b485e9516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Apr 2022 12:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10573
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame ECBA 0
127 B 162ms
161ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9d3547a0824b11a7fc641f4b6e98bd8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 22 Apr 2022 12:07:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3422 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 07:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 07:28:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Apr 2022 12:07:23 GMT

GET 11001-001-150x183.jpg
sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_183/https://hellbergsalesandservice.com/wp-content/uploads/2014/03/ 0
0

GET
H2 200 11001-001.jpg
i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/03/ 31 KB
31 KB 18ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/03/11001-001.jpg?resize=840%2C1024&ssl=1

Requested by

Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.0.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

db5f9def0bb937b4d740664d4e36bded338a2e59f16222247e8c5b042c2f04cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 22 Apr 2022 12:07:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Apr 2022 11:31:39 GMT
server: nginx
etag: "18fa3fe98f7353e3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://hellbergsalesandservice.com/wp-content/uploads/2014/03/11001-001.jpg>; rel="canonical"
content-length: 31464
expires: Sun, 21 Apr 2024 23:31:39 GMT

GET POP-Junior-Hero.png
sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_217/https://hellbergsalesandservice.com/wp-content/uploads/2014/04/ 0
0

GET
H2 200 POP-Junior-Hero.png
i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/04/ 147 KB
148 KB 18ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/hellbergsalesandservice.com/wp-content/uploads/2014/04/POP-Junior-Hero.png?resize=300%2C433&ssl=1

Requested by

Host: hellbergsalesandservice.com
URL: https://hellbergsalesandservice.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.0.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

35165096b6232ebbb2143dec70d21053acda2fc6654f8e42df1838072b0ddc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Fri, 22 Apr 2022 12:07:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Apr 2022 11:31:39 GMT
server: nginx
etag: "b72b10649c1b8b13"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://hellbergsalesandservice.com/wp-content/uploads/2014/04/POP-Junior-Hero.png>; rel="canonical"
content-length: 150946
expires: Sun, 21 Apr 2024 23:31:39 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6534 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellbergsalesandservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 11:53:38 GMT
expires: Sat, 22 Apr 2023 11:53:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E5A5 783 B
536 B 19ms
18ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a14b12f1ee5af6173df81cd6d778a9612490897c263b225b7840f8f510d79ed8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-94Yp7slFWrL8DXMKttkK9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hellbergsalesandservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-94Yp7slFWrL8DXMKttkK9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 12:07:23 GMT
expires: Fri, 22 Apr 2022 12:07:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E5A5 0
0 55ms
55ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220420&jk=4294429441041095&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6534 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 07:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 07:28:23 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BDE2 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvl37Ky-wzbHvvPCxi_KNcSqiGmRt8GeXytv4J5gxeH-scphMLlHgWj8qtjv2iBi_NxDDvCMyZtUWya63PQbBRbt-i4IgtmBve6Qc_PGXuDpZ3J16nJZA&sai=AMfl-YR-cnU-lBCOhWI09Xf86uLHzBFkLcaJrJ38OWJAn20Lg1vhV1C5bTMQs2_OWUu1rJDvYCRRuPcvZUZP&sig=Cg0ArKJSzMNvwzEeRlxIEAE&id=lidar2&mcvt=1006&p=0,0,124,1005&mtos=94,778,1006,1044,1044&tos=94,684,228,38,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650629242444&rpt=325&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 12:07:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6534 0
9 B 9ms
8ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0F4ytw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:07:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220420&jk=4294429441041095&bg=!ycqlyo7NAAYXWUUuN1k7ACkAdvg8Wjr2RY8GBqmQddUbt0oa0fcxm5HYz-NC4WLT_gXJNYfU7Vv7UQIAAABiUgAAAAFoAQeZAqcQJGDsdJCXxpbetpJNzUJjO7NHd7RmUN4XzNjxvMgjqBwuqmUAS31gJzPTVwm9E_Ir1QsiopazK36lh-vnrorgaO1BDQyHVrcst_VJhHWPkOUcSIfHIv3YIpbAFH1q3a4i-tj-PU2WQ7ukwCWjP_5pFHvyvkD2bdSs9QO6OQ3daKKvxe6ZsLi6i--tQiKnm4KizsTkcw77mF5SBJ_YKTuG74oRto7bALQcYn13ix3O__ns7sx2TBXlDNqZrgbrz2sZEflxtWQDpuuqfmdL_rqwilHM_Q3uTaAxbbwHzDDXc9LMzmd7YMNOYI5EK_B1wwjL2qHTBUOblDXcPFpRsF9UCDLlpdCKKL_TxpNcuKVROC8OIA24q6USlgjJXCp51oHI2PehfP28NrleC8Dr7EC3HV0LzGiupXAmcqq4Tqb-CFpApj226CBL9fQEAH8XkWigUQpTkw2Qhj4cBeNgOJnsXQJpb3yYw20-7Skm1hIfftFRwuSapEoBUkHSYe2fXfSnaOb9HO7fsnAzrd5Tp7-C4rjt4kufCxJCv4KxshiPARLXDc7nvLTeJdWXqxPvnTZHetrx0fbIA0KS5jgzGsA0tK4sSHNuBOWCi3mS2nE_pxuNutL56F-6jhnIL_JwUITSXD2zYBqDYfC4EvG5BLqCp4t3IcoypN67dO8f4CmCPqUDjDXfTV5A0IMRc8_iEcdcPeBxYNVEBlTiPKfz_wqioKnhiSvPs8ouKJuVAfag5psCMX8EsSd9C8KzWmXacqMjMf9b2m2s3apluZ5Nhumoth3Hc2k6F_Z2GVKClAD3lmybhNgBA6DOewfq1Vl_xTCgKVCmjxgtdadYEOufy_xPVdqgik-w2tSeCWvc6R4chn31jirnVU67XfHhN9t9Rj9xN7N5goTy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hellbergsalesandservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELiN6TR1FBSmVay7PAG-fn8&google_cver=1&google_push=AYg5qPLQ8ZL40Dw4SbWV3X9BRz2mwvNvtmrQbT4V5aNm3uP34rNnd79UZvtGdGNL7uktSM6XuYWp2c5SYGl3sMe4o0CKGd43YDdqNQ

Domain: sp-ao.shortpixel.ai
URL: https://sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_183/https://hellbergsalesandservice.com/wp-content/uploads/2014/03/11001-001-150x183.jpg

Domain: sp-ao.shortpixel.ai
URL: https://sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_150,h_217/https://hellbergsalesandservice.com/wp-content/uploads/2014/04/POP-Junior-Hero.png

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hellbergsalesandservice.com/	1970-01-20 02:33:22	Name: wp_woocommerce_session_096cefc6d33fa99df438edb2353c8885 Value: t_929adadfa3eaf15f5e0468a2985d65%7C%7C1650802040%7C%7C1650798440%7C%7Cee866095a192b50ab04440b6f07845aa
hellbergsalesandservice.com/	1969-12-31 23:59:59	Name: woocommerce_recently_viewed Value: 23
.hellbergsalesandservice.com/	1970-01-21 22:18:29	Name: tk_or Value: %22%22
.hellbergsalesandservice.com/	1970-01-20 02:34:48	Name: tk_r3d Value: %22%22
.hellbergsalesandservice.com/	1970-01-20 11:16:05	Name: tk_lr Value: %22%22
.hellbergsalesandservice.com/	1970-01-20 04:40:05	Name: _gcl_au Value: 1.1.306439661.1650629241
.hellbergsalesandservice.com/	1970-01-21 22:18:29	Name: tk_ai Value: j1neKk8WqjePPWFhMkQjEhEM
.hellbergsalesandservice.com/	1970-01-20 02:30:31	Name: tk_qs Value:
.hellbergsalesandservice.com/	1970-01-20 02:31:55	Name: _gid Value: GA1.2.1116988039.1650629242
.hellbergsalesandservice.com/	1970-01-20 02:30:29	Name: _gat_gtag_UA_219644744_1 Value: 1
.hellbergsalesandservice.com/	1970-01-20 20:01:41	Name: _ga_98L05XDXTY Value: GS1.1.1650629241.1.0.1650629241.0
.hellbergsalesandservice.com/	1970-01-20 20:01:41	Name: _ga Value: GA1.1.1826048250.1650629242
.google.com/	1970-01-20 06:54:00	Name: NID Value: 511=hn7uPu2UDO0K3l9hUzcMkgUzi7MyH85n78q4WpAhtyRerwBy0wJdIcOResxSUlVP7GWSA_YKZUs6IPDWBtwVxw0j1rgsOscrVD-kZqWPLpPdf5qyG2xE4plAV-2CnSo1aKTCPcnwuWa16ru_AAbalsA4wH65WKB-lwG2cIHia5s
.hellbergsalesandservice.com/	1970-01-20 11:52:05	Name: __gads Value: ID=26d639f209f7f1c6-22f691f07ecd0096:T=1650629241:RT=1650629241:S=ALNI_MZGugylSh8hpJZ2Das2N_0cMeoVZg
m.stripe.com/	1970-01-20 20:01:41	Name: m Value: b880c37c-9a91-451d-b90f-c767f1c0114a2dd920
.hellbergsalesandservice.com/	1970-01-20 11:16:05	Name: __stripe_mid Value: 67f1ecf2-a675-45d0-9790-0d8db83f185ebefa49
.hellbergsalesandservice.com/	1970-01-20 02:30:31	Name: __stripe_sid Value: 244ac567-b34d-40d4-b7ec-c37088e7098d1c79cd
.doubleclick.net/	1970-01-20 02:30:32	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 11:52:05	Name: IDE Value: AHWqTUnsurcEh71cGLuzqyDgZRAsnJMvSHQHB2tOfKd-bOIsmG_6zmMhRiyU9hz-uB0
.quantserve.com/	1970-01-20 04:40:05	Name: d Value: EEYBCQH7JYEA
.quantserve.com/	1970-01-20 12:00:43	Name: mc Value: 62629a7b-9bd18-27d85-6dfef
.casalemedia.com/	1970-01-20 11:16:05	Name: CMID Value: YmKaexFr1IKlk8n7R0CpOgAA
.casalemedia.com/	1970-01-20 04:40:05	Name: CMPS Value: 3236
.casalemedia.com/	1970-01-20 04:40:05	Name: CMPRO Value: 1147
.casalemedia.com/	1970-01-20 02:31:55	Name: CMST Value: YmKae2JimnsA
.innovid.com/	1970-01-20 04:40:05	Name: uuid Value: fb1eda5e-5cac-451d-b196-f8e91df67143-20220422 08:07:23
.e.dlx.addthis.com/	1970-01-20 12:00:43	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:00:43	Name: na_id Value: 2022042212072400010813143790
.addthis.com/	1970-01-20 12:00:43	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:00:43	Name: uid Value: 62629a7c7d142e52
.addthis.com/	1970-01-20 12:00:43	Name: ouid Value: 62629a7c0001ee727d0400374ab97e86800022ee07cbd448ea2e
.dlx.addthis.com/	1970-01-20 03:13:41	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 03:13:41	Name: na_sr Value: 20220422
.dlx.addthis.com/	1970-01-20 02:30:29	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 03:13:41	Name: na_sc_e Value: 0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	Message: Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELiN6TR1FBSmVay7PAG-fn8&google_cver=1&google_push=AYg5qPLQ8ZL40Dw4SbWV3X9BRz2mwvNvtmrQbT4V5aNm3uP34rNnd79UZvtGdGNL7uktSM6XuYWp2c5SYGl3sMe4o0CKGd43YDdqNQ Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmKaexFr1IKlk8n7R0CpOgAABHsAAAIB&google_cver=1&google_gid=CAESEMontuQwlGJ2EOPP2i22DBs&google_push=AYg5qPLbiyuzVDvPzUJPQJuYTGU5GoeYrFHrnn8gvibIvUWewpjjqFOdf274DHJGv0giBYTKi4olccMqEldCu4K7rWkHmVDXZRBj Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
bucket.mlcdn.com
cdn.mailerlite.com
cdn.remotecompany.com
cdnjs.cloudflare.com
click.mlsend2.com
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
fonts.mailerlite.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hellbergsalesandservice.com
i0.wp.com
js.stripe.com
m.stripe.com
m.stripe.network
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pay.google.com
pixel.wp.com
play.google.com
q.stripe.com
r.stripe.com
rtb.openx.net
sp-ao.shortpixel.ai
static.mailerlite.com
stats.wp.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
googlecm.hit.gemius.pl
sp-ao.shortpixel.ai
104.90.192.27
142.250.185.130
142.250.186.98
142.250.74.194
151.101.192.176
192.0.76.3
192.0.77.2
194.1.147.81
2600:9000:2156:3600:19:7d10:bd80:93a1
2606:4700:10::6816:7cb
2606:4700:10::ac43:2e6
2606:4700:4400::ac40:9996
2606:4700::6811:180e
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::5c
2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2
2a06:98c1:3120::7
34.98.67.61
35.227.252.103
54.148.197.171
54.187.159.182
84.17.46.53
015573fea5888d9399b84e1d58d97d104dec34390951f0175b6668fdb41f2d6c
0372f80aa5e6b0ffdc4f84edd49f75d09e7abe2c66121ed60b559a359c30ef0a
039571e227a5832dad1268c33d53aecd640bef54c0dc685edab6cb07fa2b5110
0894a2c339457b7bc4aa93d81b80480913a793d68198c6a97be63c836258ed03
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf95b39586a515525eec76fdba18fed7f4a0d5a8274e49fd54acab6d3aabcac
0e0f94c01fa36109ac15278891609346dacfce735bc6497401bd7e31df55be10
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
1240106b570dda5fdb8cf5e703d20b1068194eb2f18795e20fa85fcb96108fdb
15998053a1192bd33aa2bc9ad6094a38a6fa13673a7cfae027f8c91a5b76ef6e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184c90d054a8482f4b21294d1562cc41172a377c5d3768342904a1647b77fdd9
1a4fc39d7146a4d76f4f84556845887ef17ec8e51509aa0c01eeded2d6adb840
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e4df625ca09eb3827efc1f33d961efd04b1557c4d6a4aaf235e89041412480f
20b97f4764680efdd44b021cb57bfb2b93850d0aaf8af024986393b0cb80f2d0
24fb52cada48a74bfd6a4fd5ca5698476e42e8f0479a1dae19597004cc078f55
25252b14f925075f53ec2b94b28344793d2e3d573c3c1c49e225c73a7a0fe7a4
2b908eeefccb37c13fe231446076542ee01e22fdbc20bab5c25d6e0387d65134
2c340ab8ceb742bd040c800ce55e7f865d713660f97c011a3b88461eb7280687
2eaa824c57c8fc4e19d166ed7c300f14d07e264faf23e71cbde5407b9384d8a0
305f91495b2be25b65c82930af0daf4cd150fb80cd35d1c76392b62fb24dd581
31c604c502df91921adcac9c00b4f0d7f3391d0e5cbbf9eb1ad76a968198b43b
32dde2078cf65805a9d642f37b336c89f5ed52be6bac6930339ac2654dd6910f
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
35165096b6232ebbb2143dec70d21053acda2fc6654f8e42df1838072b0ddc65
3634f0339e7dfafdb9dc04600717647a642f221387a007c0a53df4bb8841f629
3dbd4554748a9ea865268ad238a6ccd46ea7f7a6a8683b3642afa67bed11b479
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7601b976a9a41ef881e033b97ea1ba95936bf2fc383d6de8c93bc089696bbd
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
473ee83b6ae7de17b59502c6cddc929ca45ff7b8ee7e84ae0dfc13425b84c8f4
49652113b3754b12b940dde8136e0c9b8e8948a87cbd3b72bbf8675f5191cd0a
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4af922b9fa90f0b97a156c2159d60afe2c367bd83b7ca9a9a3c17b9b485e9516
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd99b25cfa45b32aa811fa70e09a731d7c2bebc0f16e77f2733f2305e1e433b
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51edb462367ca9fab50ed4ab9b774955dacb067cf0137568f850474f85ba727e
533df60ccc51ae4eff3b3bb86a0305aba683846f6b421b09c8ef2c071506c62d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a761272fd9d6f72fe1a8bbbeb3191dcc4377f2bb992d26aeea4e257393b5df7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6227db22e81d03824c4bef87c8f7ae4d78bbe489f733f3a020b75265cea6908c
631dd665d698d6f57e419ac9a7de2153e0002a255a1db8dea40da318fad21260
63d53b7ef0241816b8533f6f6b0431e8a46392a402d80dc478243588879fcf40
661df990b4174d442ab319411b1521a5be47d5162eb9cd2428f91ff21f85ffd5
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
698ac2cdc8805eb60828e3c0869aa675b8ccd58bd84b3e43e60400776f9bf15f
6a4605d276c5cc9c43ee3b93efa8d94f0925df950cee4c3fb24a9cbfbb773563
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7365371a15c90f4fad5ce73db0143325579f90af5ddcddf80d07879e00bafa52
75e891f33a08511b948b1e3a0ca871538d3068c5e60a1e473764f9151e5f18e4
77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e
78f75d86ac3cb8fc4e54ac0aaa38d72e6064c07aaf900cbbae41b4edd83a6a32
79bcb9949cc0712cc735cbd2777724653e11ce0dac3e93e03b237b94757d4bf0
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7c70541cbc66c4b8c80b32b87187eb525940edac0927383c780c4403b2426b8e
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7faf2fee5a715e1668f517f67a4b21cddd539b978678ce1bfd48a597044079e1
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
83ef7d6964dc6462a5c584abc6108d397c80955018413299d6067aaec1db90da
8775340180ca24e6332fb43a49633c31b805efb097f65b3800a3e664b7fce982
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89f49597e41c2c0d2565378b5abdbd3dba715df46cea015c04edb33fe29cb1fd
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d9b157d7d07680e7a086016c2407b912e07a0240676e0f2519ca181db578d68
8fd808c2a8bcd944c9ccb359ffe919b591d19d9dbf64753d39c3dbb8a8140993
913421becbc0c9c5d278ee24c9d48ecbd948cb6eef2874988f1c88c6d324d25e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9905fa5e3654ee7b809dc0f15d0be039ac0f8ccec558066583c0aa427f1db67b
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dee15ce910f7c38851c0f552327b2a1868ccde11bd5ca6286abf9d4c8b91684
9fb1c8116fc576fd124bff66a6a50cb7d4c31d08623e686ab68d5e197a7bc5cc
a05e37f5e54dcd057d88025656625a1e025951f4103dca550e90b2e5f44ef365
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a112f8f0717d42ab09edf17e6583b29dc651b7cda4b474e413a3558d0f16ad67
a14b12f1ee5af6173df81cd6d778a9612490897c263b225b7840f8f510d79ed8
a180bc59f6bd620fd823742e7f2938b573bc63af547088e796a5f3ca4aa956c0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a27a3f46901668e0116688452d5e5e1e0c4bee811e0146519d81acb2e47d0584
a37c6f7d5a009da940943dc23de6ede50599df22dda28346aeebb4649bd9cb45
a3c681f11be5f527f8fd28e22a84d550272ea5c85bed86cb9f52e887721c0091
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d47dd6793fe24c23ab3c34f630ce5d0f42ef12a9e19eabd2fba286296647e9
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a63de32818893adf1469b13ec41df0462d3eb2b011b5a014f5925387aafdbc2c
a77dde98b819b7bb2b0c5d185d0f04c1081838276076a953fd4eef641ea1e5c2
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b350ed39ea4b1af8b6effb63367b09e80cd99530599bc9d017f4a33623fa2ccb
b3e687bb3113c8813f3aff4fc5b1026de59036adba2a5d6983b2e34e759fac66
b5fc45bacdf1657dd2df04a8b5edfc34b4c83b3a9e18d7dbe3edf0de51398fb9
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
bc8a988452cded79dc3ecd67ac575ef2d73a5f7b3cac0a7ef49857b85637d1a3
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2f351631f19a94a51c59c1d56abf5f8c29e4254bb15c2cb31d9c406cde48b11
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c77ae965196f7308b827ce8cef39758740e9652e49958d866454ca1967e03dae
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9f33ed9fdd936a670993b9a8e6ca44e7a358d0f7b217b6c6638b502f66a8015
dac047673d3732b8f58a3c3707dc2cec0fabc1752643865f75b706a9de770c4f
db5f9def0bb937b4d740664d4e36bded338a2e59f16222247e8c5b042c2f04cb
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df186551fdaf87b6db719eec7a8d1f0a6349b3b60cff29bd8914595566648733
e117523cb4f7fea4fbc9bccb65b245f3cabe0bac611bd3862a6b1d016ef80693
e184f406380108ed797bf9d0eebd49b314d360f89882aee36ae771924a412e7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e593595b52c794fae0f9d5051c0a438ebc91275fa786ba66db67c8b5840b7636
e705c88efb0207b5da12cedb8be9eb5965dadaca4b8d81f52be32d44e149c1fc
e8306a84dae66a80fe39f1699a1bacabfd075b5b84fb45e6d3ac2e65ebfa730f
ecbd3f1747d4b1c28bae416f0191f028937bd8ccf71be26a8f553809b60d1bec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
ef9c6f82a437a025730b2d956eef25703b28cd4921911f14b889e4fedca61fce
f22a221a82105cf14f2df601b41c8b651807dc680f195cda8ac23b9fa97de2bd
f250fc4e88b19c1500c338a022bf6e2d9f01d4bf61ba491f36f0151eab214e2f
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f508a0c01b03484bb9a31f638110d184b99f2d342a5c076689dc4439bbae778c
f5707b535b1fd9bd1c1762f2dadc4c2c0f1ddf304c53771cdb178b60633f4752
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f6fff41cc7237157d027108f0eff7b36eafef45f20a873bdb5d9602a46294514
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d

hellbergsalesandservice.com Open in urlscan Pro 194.1.147.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

215 Requests

97 %HTTPS

64 %IPv6

26 Domains

41 Subdomains

35 IPs

5 Countries

4584 kBTransfer

12338 kBSize

35 Cookies

2 Outgoing links

Page URL History

Redirected requests

215 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hellbergsalesandservice.com Open in urlscan Pro
194.1.147.81 Public Scan

Screenshot
Live screenshot

Full Image

215
Requests

97 %
HTTPS

64 %
IPv6

26
Domains

41
Subdomains

35
IPs

5
Countries

4584 kB
Transfer

12338 kB
Size

35
Cookies

215 HTTP transactions
9 data transactions