urlscan.io logo urlscan.io
SecurityTrails logo

michigantowingabuse.com Open in urlscan Pro
35.236.225.72  Public Scan

Go To Rescan Add Verdict Report
URL: https://michigantowingabuse.com/
Submission: On June 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 6 domains to perform 67 HTTP transactions. The main IP is 35.236.225.72, located in Washington, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is michigantowingabuse.com.
TLS certificate: Issued by R3 on June 4th 2024. Valid for: 3 months.
This is the only time michigantowingabuse.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

46    35.236.225.72 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: sh1.securefoundations.com
michigantowingabuse.com
7    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    142.250.74.196 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f4.1e100.net
www.google.com
2    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
Apex Domain
Subdomains		 Transfer
46 michigantowingabuse.com
michigantowingabuse.com
899 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
306 KB
4 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
img.youtube.com — Cisco Umbrella Rank: 1994
151 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 5
969 B
2 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 3880
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
1 KB
67 6
Domain Requested by
46 michigantowingabuse.com michigantowingabuse.com
9 fonts.gstatic.com michigantowingabuse.com
fonts.googleapis.com
3 www.google.com michigantowingabuse.com
www.gstatic.com
2 www.youtube-nocookie.com www.youtube.com
2 img.youtube.com michigantowingabuse.com
2 www.youtube.com michigantowingabuse.com
www.youtube.com
1 www.gstatic.com www.google.com
1 fonts.googleapis.com michigantowingabuse.com
67 8

This site contains no links.

Subject Issuer Validity Valid
michigantowingabuse.com
R3		 2024-06-04 -
2024-09-02		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://michigantowingabuse.com/
Frame ID: D473572C9B82AA11B8A4F60087D1E946
Requests: 67 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LffpvYpAAAAANBcFLIv-owBSGwCeQXv0AHtb9vi&co=aHR0cHM6Ly9taWNoaWdhbnRvd2luZ2FidXNlLmNvbTo0NDM.&hl=de&v=KXX4ARWFlYTftefkdODAYWZh&size=normal&cb=46370dmwvgqi
Frame ID: 53958F99C4FE7CCC88368E8566B07B44
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/OyXvkoEDPec?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&hl=en&iv_load_policy=1&playsinline=true&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fmichigantowingabuse.com&widgetid=1
Frame ID: 58F0278D2F2422E951930E921D19F57E
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/fsC0k0NGKVk?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&hl=en&iv_load_policy=1&playsinline=true&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fmichigantowingabuse.com&widgetid=2
Frame ID: 926A37F9BEC906777E8E60F176FC63EA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=KXX4ARWFlYTftefkdODAYWZh&k=6LffpvYpAAAAANBcFLIv-owBSGwCeQXv0AHtb9vi
Frame ID: 41B48F4D264D8D86C0AB349902DFB412
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Michigan Towing Abuse – Stop Towing Abuse in Michigan

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /revslider/[/\w-]+/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

67
Requests

99 %
HTTPS

67 %
IPv6

6
Domains

8
Subdomains

10
IPs

2
Countries

1359 kB
Transfer

4062 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
michigantowingabuse.com/ 		62 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
44912d81bf6a458ea2f1b62874bff322ebb0e8ed4479f6e7fed91ed1e1dd5415

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-length
15217
content-type
text/html; charset=UTF-8
date
Thu, 20 Jun 2024 11:44:39 GMT
link
<https://michigantowingabuse.com/wp-json/>; rel="https://api.w.org/", <https://michigantowingabuse.com/wp-json/wp/v2/pages/272>; rel="alternate"; type="application/json", <https://michigantowingabuse.com/>; rel=shortlink
server
Apache
vary
Accept-Encoding
LDI1apSCOBt_aeQQ7ftydoa8XsLLubg58w.woff2
fonts.gstatic.com/s/baijamjuree/v11/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/baijamjuree/v11/LDI1apSCOBt_aeQQ7ftydoa8XsLLubg58w.woff2
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2045d10a89d38e10fa42a5eb8c9aea9387c50d8470eb1791ad1ce88cd47a7733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Origin
https://michigantowingabuse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:56:39 GMT
x-content-type-options
nosniff
age
161281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10632
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:09:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:56:39 GMT
LDIrapSCOBt_aeQQ7ftydoa8W_LJs78b8SGK.woff2
fonts.gstatic.com/s/baijamjuree/v11/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/baijamjuree/v11/LDIrapSCOBt_aeQQ7ftydoa8W_LJs78b8SGK.woff2
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efaef84a6c93e303dc55f4febe140d3ad2f7f1655b25a0de865d1a00a2b67981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Origin
https://michigantowingabuse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:33:50 GMT
x-content-type-options
nosniff
age
159050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11908
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:12:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 15:33:50 GMT
LDIqapSCOBt_aeQQ7ftydoa0gebelJo02SuCgQ.woff2
fonts.gstatic.com/s/baijamjuree/v11/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/baijamjuree/v11/LDIqapSCOBt_aeQQ7ftydoa0gebelJo02SuCgQ.woff2
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5346003928ce35756d754b207e777261fc6b226caf252f5c07e302a3ed2accd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Origin
https://michigantowingabuse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:45:02 GMT
x-content-type-options
nosniff
age
161978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10840
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:08:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:45:02 GMT
LDIoapSCOBt_aeQQ7ftydoa8W_oWl6o20yygg_vb.woff2
fonts.gstatic.com/s/baijamjuree/v11/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/baijamjuree/v11/LDIoapSCOBt_aeQQ7ftydoa8W_oWl6o20yygg_vb.woff2
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe211d11f1e3e3ab70ce6e6d12b1e20bf4b6a55cfa946f34a3f644883bf95065
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Origin
https://michigantowingabuse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:20:15 GMT
x-content-type-options
nosniff
age
159865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12076
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:18:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 15:20:15 GMT
LDIqapSCOBt_aeQQ7ftydoa05efelJo02SuCgQ.woff2
fonts.gstatic.com/s/baijamjuree/v11/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/baijamjuree/v11/LDIqapSCOBt_aeQQ7ftydoa05efelJo02SuCgQ.woff2
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7eab04dcf0956e72a687d70cae4263e15a425ed4b4f7766ce8a84fb60edbc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Origin
https://michigantowingabuse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:10:08 GMT
x-content-type-options
nosniff
age
160472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10656
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:09:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 15:10:08 GMT
LDIoapSCOBt_aeQQ7ftydoa8W_pylqo20yygg_vb.woff2
fonts.gstatic.com/s/baijamjuree/v11/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/baijamjuree/v11/LDIoapSCOBt_aeQQ7ftydoa8W_pylqo20yygg_vb.woff2
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f14684779c2504b669ba11bed271c4001adbe16a872eba18f268066bc148b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Origin
https://michigantowingabuse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:57:41 GMT
x-content-type-options
nosniff
age
161219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11828
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:05:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:57:41 GMT
style.min.css
michigantowingabuse.com/wp-includes/css/dist/block-library/ 		111 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.4
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
last-modified
Tue, 27 Feb 2024 14:48:23 GMT
server
Apache
etag
"1bae5-6125e1e30bbc0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
14991
wpforms-full.min.css
michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/css/frontend/modern/ 		148 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/css/frontend/modern/wpforms-full.min.css?ver=1.8.9.2
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
298eed7951ad53875173cb984e0260903d62a9a5dab07be216fc786fda7b5b8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2024 12:29:50 GMT
server
Apache
etag
"24e3b-61b293cf92a04-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
15035
js_composer.min.css
michigantowingabuse.com/wp-content/plugins/js_composer/assets/css/ 		454 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.6
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
caad2ecf2e37f3007e63c118a4c26a9cc26a62c495fbdd4b9d20e55bc89052d9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:07:17 GMT
server
Apache
etag
"7171c-61a10f7b1e2df-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
44639
bootstrap.min.css
michigantowingabuse.com/wp-content/themes/kalium/assets/css/ 		38 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/css/bootstrap.min.css?ver=3.14.1.001
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
4de73278ba1a63615f42f4d1f27b7d7c66520bae709dbf31239e5aa47e09b2e4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:06:16 GMT
server
Apache
etag
"98b5-61a10f404a7e2-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
8007
base.min.css
michigantowingabuse.com/wp-content/themes/kalium/assets/css/ 		200 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/css/base.min.css?ver=3.14.1.001
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
00ce84be8a76eeb9118f2a4d13cd1fdb73286d71a1e5148d1955698a503e1e98

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:06:16 GMT
server
Apache
etag
"32150-61a10f404c722-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
29480
style.min.css
michigantowingabuse.com/wp-content/themes/kalium/assets/css/new/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/css/new/style.min.css?ver=3.14.1.001
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
636537ad9d6957d6bb4fcd41dc68eee498c7d2437bd64e762a84d1927904346d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:06:16 GMT
server
Apache
etag
"1edb-61a10f404a7e2-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1514
other.min.css
michigantowingabuse.com/wp-content/themes/kalium/assets/css/ 		92 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/css/other.min.css?ver=3.14.1.001
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
c3a6e447c7a08191c15c4b39fddf921478e3893202b51b6c522c56d2385e5c0a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:06:16 GMT
server
Apache
etag
"170fe-61a10f404a7e2-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
15129
style.css
michigantowingabuse.com/wp-content/themes/kalium/ 		671 B
451 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/style.css?ver=3.14.1.001
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
5e1d9d86859a9f4b2b36d95ea215ade7f59e425aba5464001f3995efb1cfc452

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:06:15 GMT
server
Apache
etag
"29f-61a10f4042adf-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
375
custom-skin.css
michigantowingabuse.com/wp-content/themes/kalium-child-landing/ 		43 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium-child-landing/custom-skin.css?ver=ddc8318cc90e4ec56aee217b77302887
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
39c9b54771db6eb1269beae12767c9c1fde759ff121d1db142f220a43e7dc822

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 20:27:42 GMT
server
Apache
etag
"ab4f-61a16482ae81a-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
5767
style.css
michigantowingabuse.com/wp-content/themes/kalium-child-landing/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium-child-landing/style.css?ver=6.5.4
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
88bbb8a0139829239fd599143f547325b5a5985223fc8fef681e752be41df471

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:07:27 GMT
server
Apache
etag
"1683-61a10f84192cb-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1757
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Bai+Jamjuree%3Aital%2Cwght%400%2C400%3B0%2C600%3B0%2C700%3B1%2C400%3B1%2C600%3B1%2C700&display=swap&ver=3.14.1
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56adb70dcb29957a6fcd0f0fcfd287df76735c8732fd7211f19bef151569c4bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 20 Jun 2024 11:44:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jun 2024 11:44:40 GMT
jquery.min.js
michigantowingabuse.com/wp-includes/js/jquery/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
Apache
etag
"15601-603fed35e19c0-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
30368
jquery-migrate.min.js
michigantowingabuse.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
Apache
etag
"3509-5fdabee5f2100-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
4872
dummy.png
michigantowingabuse.com/wp-content/plugins/revslider/sr6/assets/assets/ 		68 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://michigantowingabuse.com/wp-content/plugins/revslider/sr6/assets/assets/dummy.png
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
last-modified
Tue, 04 Jun 2024 14:07:21 GMT
server
Apache
accept-ranges
bytes
etag
"44-61a10f7ea68ac"
content-length
68
content-type
image/png
submit-spin.svg
michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/images/ 		509 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/images/submit-spin.svg
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
7ffd6ec4d1b1980400d8cc710d2edd0fb7833e2c83262f8401247043ca258149

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
last-modified
Tue, 18 Jun 2024 12:29:50 GMT
server
Apache
accept-ranges
bytes
etag
"1fd-61b293cfa1469"
content-length
509
content-type
image/svg+xml
CURE_LogoTag_PMS647.png
michigantowingabuse.com/wp-content/uploads/2024/06/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://michigantowingabuse.com/wp-content/uploads/2024/06/CURE_LogoTag_PMS647.png
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
bd1ca62de42c6c219dcea4ab35b815efaecc5d65f2d6e8a9d961822bf127f708

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
last-modified
Tue, 04 Jun 2024 16:56:42 GMT
server
Apache
accept-ranges
bytes
etag
"10275-61a13558db4d5"
content-length
66165
content-type
image/png
video-js.min.css
michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/video-js/ 		45 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/video-js/video-js.min.css?ver=3.14.1.001
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
87590de8c7bcfa547adf9a7924bdb91a1733cb7ac308c40d5bbff34f82734dd9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:06:16 GMT
server
Apache
etag
"b2c0-61a10f404a7e2-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
12232
all.min.css
michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/font-awesome/css/ 		100 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/font-awesome/css/all.min.css?ver=3.14.1.001
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:06:15 GMT
server
Apache
etag
"18f49-61a10f4046960-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
22423
rs6.css
michigantowingabuse.com/wp-content/plugins/revslider/sr6/assets/css/ 		57 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/plugins/revslider/sr6/assets/css/rs6.css?ver=6.7.11
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
d2a7a173045c7ed2c9474ee0edd3ebc0389454132b0a16e55b3eae6402c46a05

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:40 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:07:21 GMT
server
Apache
etag
"e3d7-61a10f7ea590c-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
12492
rbtools.min.js
michigantowingabuse.com/wp-content/plugins/revslider/sr6/assets/js/ 		161 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/plugins/revslider/sr6/assets/js/rbtools.min.js?ver=6.7.11
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:07:21 GMT
server
Apache
etag
"285db-61a10f7ea590c-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
rs6.min.js
michigantowingabuse.com/wp-content/plugins/revslider/sr6/assets/js/ 		406 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/plugins/revslider/sr6/assets/js/rs6.min.js?ver=6.7.11
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
cdb27c4c29bde44208797bb665ed9a873bfbb2f8ea64461638ae8e82d6546d8c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:07:21 GMT
server
Apache
etag
"65891-61a10f7ea590c-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
gsap.min.js
michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/gsap/ 		62 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/gsap/gsap.min.js?ver=3.14.1.001
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
f6d6ecb1737ecfa9ec03e37591b8feca3b47676e69348c2e586a983a94ea109b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:06:15 GMT
server
Apache
etag
"f7ab-61a10f40459c0-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
24888
ScrollToPlugin.min.js
michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/gsap/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/gsap/ScrollToPlugin.min.js?ver=3.14.1.001
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
3579fe476a88f206c2225ef2516f5067f34b550741c005c7fea25493b1859c26

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:06:15 GMT
server
Apache
etag
"ee1-61a10f40459c0-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1822
ScrollMagic.min.js
michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/scrollmagic/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/scrollmagic/ScrollMagic.min.js?ver=3.14.1.001
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
bfe1d536e23bf3589590acded52c3d09f760dff88130a5057c7a81dc4f5a663f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:06:15 GMT
server
Apache
etag
"442c-61a10f4046960-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
6073
animation.gsap.min.js
michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/scrollmagic/plugins/ 		1 KB
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/scrollmagic/plugins/animation.gsap.min.js?ver=3.14.1.001
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
62226bb1bee99b1c94dfcecfbac6aaf6d56f2160fb5f82c56a0e61037694fa19

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:06:15 GMT
server
Apache
etag
"5f5-61a10f4046960-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
777
js_composer_front.min.js
michigantowingabuse.com/wp-content/plugins/js_composer/assets/js/dist/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.6
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
c30b6d9818f986da2367e411cebf9aa5bf2eb3580a1bf3acb573f9481f0de5ab

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:07:17 GMT
server
Apache
etag
"5115-61a10f7b0f87b-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
5779
video.min.js
michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/video-js/ 		619 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/video-js/video.min.js?ver=3.14.1.001
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
0957d68a4f0298bad4d37b150b48cbb022f62ac9b660df7056dd6194f69e4dc0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:06:16 GMT
server
Apache
etag
"9ac95-61a10f4049841-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
video-js-youtube.js
michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/video-js-youtube/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/video-js-youtube/video-js-youtube.js?ver=3.14.1.001
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
f92c103734d0e349e776ee5fc47c61fb21cb735fec2b7344af0cb61cdc418118

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:06:15 GMT
server
Apache
etag
"349c-61a10f4044a20-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
3764
player.min.js
michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/vimeo/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/vimeo/player.min.js?ver=3.14.1.001
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
7ca8d104a83cbe3ecbbf319589825e678c69e8edf97a760336f8cfd63a69ea06

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:06:15 GMT
server
Apache
etag
"93d1-61a10f4044a20-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
11255
skrollr.min.js
michigantowingabuse.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=7.6
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
63876725ee0b6f28351cc6bd1d7ece278030248b65cdeaa40b3bd6eddcaf24ed

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:07:17 GMT
server
Apache
etag
"3222-61a10f7b06bd8-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
5725
main.min.js
michigantowingabuse.com/wp-content/themes/kalium/assets/js/ 		178 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/js/main.min.js?ver=3.14.1.001
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
d125b2c9550a57ffd20714e0ac051d20bb4dcca042ee452306008b946c6d666c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2024 14:06:16 GMT
server
Apache
etag
"2c805-61a10f404d6c2-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
54034
jquery.validate.min.js
michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/lib/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.20.0
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
89cea1c4d5820772010ec5ead33e4aa4a1e67097356a79a7874c463a2d02e43c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2024 12:29:50 GMT
server
Apache
etag
"61eb-61b293cfaa10d-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
7998
mailcheck.min.js
michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/lib/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2024 12:29:50 GMT
server
Apache
etag
"fae-61b293cfaa10d-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1682
punycode.min.js
michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/lib/ 		2 KB
925 B 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
69a15ba379260f131f7dfa2a5414cbdc48db661ac21d696773c7e67259255ca1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2024 12:29:50 GMT
server
Apache
etag
"6b1-61b293cfaa10d-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
872
utils.min.js
michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/js/share/ 		1 KB
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/js/share/utils.min.js?ver=1.8.9.2
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
5e3c1c51cc1426df4bf854e510a9bf1b0d756deb01ac55a8a2c15c62567d2b62

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2024 12:29:50 GMT
server
Apache
etag
"4df-61b293cfa722c-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
685
wpforms.min.js
michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/js/frontend/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/js/frontend/wpforms.min.js?ver=1.8.9.2
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
0e4e3f335f2bebc2c01b0ac546bf8370b6fecbaa7b8daf2db2c86986f9ef95f2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2024 12:29:50 GMT
server
Apache
etag
"adef-61b293cfa52eb-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
13127
wpforms-modern.min.js
michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/js/frontend/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/plugins/wpforms-lite/assets/js/frontend/wpforms-modern.min.js?ver=1.8.9.2
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
7eb6e20461d68e4581f1a8d91ee5182efac491282346456e27c91ddf230f1fa6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2024 12:29:50 GMT
server
Apache
etag
"15e5-61b293cfa52eb-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1933
api.js
www.google.com/recaptcha/ 		1 KB
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=wpformsRecaptchaLoad&render=explicit
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
c0e5b1a3656e643274324d03f5870ff4e2c46536512e1c6ea3bf65c5cca4796d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 20 Jun 2024 11:44:41 GMT
cd8ab4ad-c7f9-4e15-9ab1-1975fd4f4d81
https://michigantowingabuse.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://michigantowingabuse.com/cd8ab4ad-c7f9-4e15-9ab1-1975fd4f4d81
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
LDI1apSCOBt_aeQQ7ftydoa8XsLL.woff2
fonts.gstatic.com/s/baijamjuree/v11/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/baijamjuree/v11/LDI1apSCOBt_aeQQ7ftydoa8XsLL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bai+Jamjuree%3Aital%2Cwght%400%2C400%3B0%2C600%3B0%2C700%3B1%2C400%3B1%2C600%3B1%2C700&display=swap&ver=3.14.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2045d10a89d38e10fa42a5eb8c9aea9387c50d8470eb1791ad1ce88cd47a7733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://michigantowingabuse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:54:12 GMT
x-content-type-options
nosniff
age
161429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10632
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:15:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:54:12 GMT
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
LDI1apSCOBt_aeQQ7ftydoa8XsLL.woff2
michigantowingabuse.com/wp-content/uploads/themepunch/gfonts/bai-jamjuree/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/uploads/themepunch/gfonts/bai-jamjuree/LDI1apSCOBt_aeQQ7ftydoa8XsLL.woff2
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
2045d10a89d38e10fa42a5eb8c9aea9387c50d8470eb1791ad1ce88cd47a7733

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Origin
https://michigantowingabuse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
last-modified
Tue, 04 Jun 2024 16:17:05 GMT
server
Apache
accept-ranges
bytes
etag
"2988-61a12c7e56a8a"
content-length
10632
content-type
font/woff2
LDIqapSCOBt_aeQQ7ftydoa0reHelJo0.woff2
michigantowingabuse.com/wp-content/uploads/themepunch/gfonts/bai-jamjuree/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/uploads/themepunch/gfonts/bai-jamjuree/LDIqapSCOBt_aeQQ7ftydoa0reHelJo0.woff2
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
2a257de7d16cbc56379bbeba00afc1533e9aee044331ef5d618ec6db47ba103c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Origin
https://michigantowingabuse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
last-modified
Tue, 04 Jun 2024 16:17:06 GMT
server
Apache
accept-ranges
bytes
etag
"2a38-61a12c7eaf885"
content-length
10808
content-type
font/woff2
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
flaticon.woff
michigantowingabuse.com/wp-content/themes/kalium/assets/css/fonts/flaticons-custom/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/css/fonts/flaticons-custom/flaticon.woff
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/wp-content/themes/kalium/assets/css/other.min.css?ver=3.14.1.001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
dfcd0b2fb5b3eba3c9227d2743a4023353fb473600b9511a4868716c21cc08fa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/wp-content/themes/kalium/assets/css/other.min.css?ver=3.14.1.001
Origin
https://michigantowingabuse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
last-modified
Tue, 04 Jun 2024 14:06:16 GMT
server
Apache
accept-ranges
bytes
etag
"7c0-61a10f404a7e2"
content-length
1984
content-type
font/woff
LDIqapSCOBt_aeQQ7ftydoa05efelJo0.woff2
fonts.gstatic.com/s/baijamjuree/v11/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/baijamjuree/v11/LDIqapSCOBt_aeQQ7ftydoa05efelJo0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bai+Jamjuree%3Aital%2Cwght%400%2C400%3B0%2C600%3B0%2C700%3B1%2C400%3B1%2C600%3B1%2C700&display=swap&ver=3.14.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
e7eab04dcf0956e72a687d70cae4263e15a425ed4b4f7766ce8a84fb60edbc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://michigantowingabuse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:47:52 GMT
x-content-type-options
nosniff
age
161809
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10656
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:28:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:47:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
michigantowingabuse.com/wp-content/uploads/themepunch/gfonts/roboto/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/uploads/themepunch/gfonts/roboto/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Origin
https://michigantowingabuse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
last-modified
Tue, 04 Jun 2024 14:14:11 GMT
server
Apache
accept-ranges
bytes
etag
"3d80-61a111058a5a5"
content-length
15744
content-type
font/woff2
LDIoapSCOBt_aeQQ7ftydoa8W_pylqo20yw.woff2
fonts.gstatic.com/s/baijamjuree/v11/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/baijamjuree/v11/LDIoapSCOBt_aeQQ7ftydoa8W_pylqo20yw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bai+Jamjuree%3Aital%2Cwght%400%2C400%3B0%2C600%3B0%2C700%3B1%2C400%3B1%2C600%3B1%2C700&display=swap&ver=3.14.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
1f14684779c2504b669ba11bed271c4001adbe16a872eba18f268066bc148b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://michigantowingabuse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:05:34 GMT
x-content-type-options
nosniff
age
160747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11828
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:53:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 15:05:34 GMT
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/wp-content/themes/kalium/assets/vendors/video-js-youtube/video-js-youtube.js?ver=3.14.1.001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a4e88216e4b2485d3a1d2a86a9ff63d2bdb82c739587057e1477d7b12235bd84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 20 Jun 2024 11:44:42 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/ 		518 KB
207 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=wpformsRecaptchaLoad&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
612ad04469fba362238294e47106a2e6061ef90c111851c0cdcae2e3ee27a6bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Origin
https://michigantowingabuse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:34:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
210814
x-xss-protection
0
last-modified
Sat, 15 Jun 2024 04:02:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Jun 2025 11:34:00 GMT
wp-emoji-release.min.js
michigantowingabuse.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.4
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:41 GMT
content-encoding
gzip
last-modified
Tue, 13 Feb 2024 14:36:07 GMT
server
Apache
etag
"4926-61144508b03c0-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
5062
linea.woff
michigantowingabuse.com/wp-content/themes/kalium/assets/css/fonts/linea-iconfont/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/themes/kalium/assets/css/fonts/linea-iconfont/fonts/linea.woff
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/wp-content/themes/kalium/assets/css/other.min.css?ver=3.14.1.001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
3ad756310622656cb23fe63aefb22c7f468ca8acbb771bc9c43f2ff1f254ff6c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/wp-content/themes/kalium/assets/css/other.min.css?ver=3.14.1.001
Origin
https://michigantowingabuse.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:42 GMT
last-modified
Tue, 04 Jun 2024 14:06:16 GMT
server
Apache
accept-ranges
bytes
etag
"5054-61a10f404b782"
content-length
20564
content-type
font/woff
banner-1.jpg
michigantowingabuse.com/wp-content/uploads/2024/06/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://michigantowingabuse.com/wp-content/uploads/2024/06/banner-1.jpg
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
17ea562083deb8c0d333d93050098fdb9f82cdd6725c6afe100477064ca9db6c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:42 GMT
last-modified
Tue, 04 Jun 2024 16:37:50 GMT
server
Apache
accept-ranges
bytes
etag
"9ce8-61a131215f1da"
content-length
40168
content-type
image/jpeg
stop.png
michigantowingabuse.com/wp-content/uploads/2024/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://michigantowingabuse.com/wp-content/uploads/2024/06/stop.png
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
0acfaca0f539cbcf3831df2751048b112ab7075702c4ac0b5c41c0ed3481669d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:42 GMT
last-modified
Tue, 04 Jun 2024 16:01:01 GMT
server
Apache
accept-ranges
bytes
etag
"1ce3-61a128e672f49"
content-length
7395
content-type
image/png
maxresdefault.jpg
img.youtube.com/vi/OyXvkoEDPec/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/OyXvkoEDPec/maxresdefault.jpg
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a26ac56dda6dd4a6188590688e0b7cf4a8f6ebdfbf8be6f21d28fb089ada4f85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:42 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45940
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 20 Jun 2024 13:44:42 GMT
maxresdefault.jpg
img.youtube.com/vi/fsC0k0NGKVk/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/fsC0k0NGKVk/maxresdefault.jpg
Requested by
Host: michigantowingabuse.com
URL: https://michigantowingabuse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55efc481410440489e26763d68d28da1c79243d39d7f3fa3065783b1a16da5d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:42 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97686
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 20 Jun 2024 13:44:42 GMT
www-widgetapi.js
www.youtube.com/s/player/84314bef/www-widgetapi.vflset/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/84314bef/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9a72654f03de616b6fd58b742dff09a02588726c80f6a1fca5809365b591930
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:43:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
75
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8237
x-xss-protection
0
last-modified
Mon, 17 Jun 2024 04:18:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 20 Jun 2025 11:43:27 GMT
anchor
www.google.com/recaptcha/api2/ Frame 5395 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LffpvYpAAAAANBcFLIv-owBSGwCeQXv0AHtb9vi&co=aHR0cHM6Ly9taWNoaWdhbnRvd2luZ2FidXNlLmNvbTo0NDM.&hl=de&v=KXX4ARWFlYTftefkdODAYWZh&size=normal&cb=46370dmwvgqi
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-s9kJ9-6YpFsWxsyxOdQswg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://michigantowingabuse.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-s9kJ9-6YpFsWxsyxOdQswg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 11:44:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
OyXvkoEDPec
www.youtube-nocookie.com/embed/ Frame 58F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/OyXvkoEDPec?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&hl=en&iv_load_policy=1&playsinline=true&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fmichigantowingabuse.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/84314bef/www-widgetapi.vflset/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://michigantowingabuse.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 11:44:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
fsC0k0NGKVk
www.youtube-nocookie.com/embed/ Frame 926A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/fsC0k0NGKVk?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&hl=en&iv_load_policy=1&playsinline=true&wmode=transparent&enablejsapi=1&origin=https%3A%2F%2Fmichigantowingabuse.com&widgetid=2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/84314bef/www-widgetapi.vflset/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://michigantowingabuse.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 11:44:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
bframe
www.google.com/recaptcha/api2/ Frame 41B4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=KXX4ARWFlYTftefkdODAYWZh&k=6LffpvYpAAAAANBcFLIv-owBSGwCeQXv0AHtb9vi
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qTEyzZPO_t5tY-HAApf_ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://michigantowingabuse.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-qTEyzZPO_t5tY-HAApf_ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 11:44:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
just-the-sign.gif
michigantowingabuse.com/wp-content/uploads/2024/06/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://michigantowingabuse.com/wp-content/uploads/2024/06/just-the-sign.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.236.225.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
sh1.securefoundations.com
Software
Apache /
Resource Hash
a4d71f2eb52e993f02657f84fb774a5ddec6b4595fb8963b88db4d93af89237a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://michigantowingabuse.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 11:44:45 GMT
last-modified
Tue, 04 Jun 2024 20:27:02 GMT
server
Apache
accept-ranges
bytes
etag
"11b6-61a1645c0359a"
content-length
4534
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 undefined| event object| fence object| sharedStorage object| _wpemojiSettings string| ajaxurl undefined| $ function| jQuery number| mobile_menu_breakpoint function| setREVStartSize number| RSIW number| RSIH object| RS_MODULES function| revslider_showDoubleJqueryError object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin object| ScrollToPlugin function| ScrollMagic function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_ttaToggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts object| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox object| vttjs function| WebVTT function| videojs function| t function| DrawSVGPlugin function| MotionPathPlugin function| r function| InertiaPlugin object| tpGS object| punchgs undefined| Youtube object| Vimeo boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| skrollr object| _k function| PointerEventsPolyfill function| sliderComparison function| checkPosition function| drags function| updateLabel function| portfolioLightboxOpen function| portfolioLIghtboxSetHash function| setupSlickCarousel function| setupPerfectScrollbar function| setStickyElement undefined| lastItemId object| wowLab function| WOW object| lazySizes function| PerfectScrollbar object| scrollMonitor function| EvEmitter function| imagesLoaded object| macKeys object| enquire function| tocca object| is function| ScrollToElement function| kaliumLightbox function| kaliumBlogEndlessPaginationHandler object| lazySizesConfig object| RSANYID object| RSANYID_sliderID boolean| _R_is_Editor object| Mailcheck object| punycode object| wpforms object| WPForms object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| wpformsDispatchEvent function| wpformsRecaptchaCallback function| wpformsRecaptchaLoad function| tpj object| revapi1 object| wpforms_settings string| RSBrowser boolean| isSafari11 object| T boolean| _rs_firefox13 boolean| _rs_firefox boolean| _rs_ie boolean| _rs_ie9 boolean| _rs_desktop function| processPostFormatContents function| topMenuToggle function| sidebarMenuOpen object| twemoji object| wp object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| recaptcha object| closure_lm_231907

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: eJLeAo3V5gM
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: oH4s6E_y1zg
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgSQ%3D%3D

1 Console Messages

Source Level URL
Text
other warning URL: https://www.youtube.com/s/player/84314bef/www-widgetapi.vflset/www-widgetapi.js(Line 138)
Message:
Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
img.youtube.com
michigantowingabuse.com
www.google.com
www.gstatic.com
www.youtube-nocookie.com
www.youtube.com
142.250.186.35
142.250.74.196
2a00:1450:4001:809::200e
2a00:1450:4001:812::2003
2a00:1450:4001:827::2003
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::200e
35.236.225.72
00ce84be8a76eeb9118f2a4d13cd1fdb73286d71a1e5148d1955698a503e1e98
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0957d68a4f0298bad4d37b150b48cbb022f62ac9b660df7056dd6194f69e4dc0
0acfaca0f539cbcf3831df2751048b112ab7075702c4ac0b5c41c0ed3481669d
0e4e3f335f2bebc2c01b0ac546bf8370b6fecbaa7b8daf2db2c86986f9ef95f2
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
17ea562083deb8c0d333d93050098fdb9f82cdd6725c6afe100477064ca9db6c
1f14684779c2504b669ba11bed271c4001adbe16a872eba18f268066bc148b0d
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2045d10a89d38e10fa42a5eb8c9aea9387c50d8470eb1791ad1ce88cd47a7733
298eed7951ad53875173cb984e0260903d62a9a5dab07be216fc786fda7b5b8a
2a257de7d16cbc56379bbeba00afc1533e9aee044331ef5d618ec6db47ba103c
3579fe476a88f206c2225ef2516f5067f34b550741c005c7fea25493b1859c26
39c9b54771db6eb1269beae12767c9c1fde759ff121d1db142f220a43e7dc822
3ad756310622656cb23fe63aefb22c7f468ca8acbb771bc9c43f2ff1f254ff6c
44912d81bf6a458ea2f1b62874bff322ebb0e8ed4479f6e7fed91ed1e1dd5415
4de73278ba1a63615f42f4d1f27b7d7c66520bae709dbf31239e5aa47e09b2e4
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55efc481410440489e26763d68d28da1c79243d39d7f3fa3065783b1a16da5d3
56adb70dcb29957a6fcd0f0fcfd287df76735c8732fd7211f19bef151569c4bc
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5e1d9d86859a9f4b2b36d95ea215ade7f59e425aba5464001f3995efb1cfc452
5e3c1c51cc1426df4bf854e510a9bf1b0d756deb01ac55a8a2c15c62567d2b62
612ad04469fba362238294e47106a2e6061ef90c111851c0cdcae2e3ee27a6bb
62226bb1bee99b1c94dfcecfbac6aaf6d56f2160fb5f82c56a0e61037694fa19
636537ad9d6957d6bb4fcd41dc68eee498c7d2437bd64e762a84d1927904346d
63876725ee0b6f28351cc6bd1d7ece278030248b65cdeaa40b3bd6eddcaf24ed
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69a15ba379260f131f7dfa2a5414cbdc48db661ac21d696773c7e67259255ca1
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7ca8d104a83cbe3ecbbf319589825e678c69e8edf97a760336f8cfd63a69ea06
7eb6e20461d68e4581f1a8d91ee5182efac491282346456e27c91ddf230f1fa6
7ffd6ec4d1b1980400d8cc710d2edd0fb7833e2c83262f8401247043ca258149
87590de8c7bcfa547adf9a7924bdb91a1733cb7ac308c40d5bbff34f82734dd9
88bbb8a0139829239fd599143f547325b5a5985223fc8fef681e752be41df471
89cea1c4d5820772010ec5ead33e4aa4a1e67097356a79a7874c463a2d02e43c
8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a26ac56dda6dd4a6188590688e0b7cf4a8f6ebdfbf8be6f21d28fb089ada4f85
a4d71f2eb52e993f02657f84fb774a5ddec6b4595fb8963b88db4d93af89237a
a4e88216e4b2485d3a1d2a86a9ff63d2bdb82c739587057e1477d7b12235bd84
a9a72654f03de616b6fd58b742dff09a02588726c80f6a1fca5809365b591930
bd1ca62de42c6c219dcea4ab35b815efaecc5d65f2d6e8a9d961822bf127f708
bfe1d536e23bf3589590acded52c3d09f760dff88130a5057c7a81dc4f5a663f
c0e5b1a3656e643274324d03f5870ff4e2c46536512e1c6ea3bf65c5cca4796d
c30b6d9818f986da2367e411cebf9aa5bf2eb3580a1bf3acb573f9481f0de5ab
c3a6e447c7a08191c15c4b39fddf921478e3893202b51b6c522c56d2385e5c0a
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094
caad2ecf2e37f3007e63c118a4c26a9cc26a62c495fbdd4b9d20e55bc89052d9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cdb27c4c29bde44208797bb665ed9a873bfbb2f8ea64461638ae8e82d6546d8c
d125b2c9550a57ffd20714e0ac051d20bb4dcca042ee452306008b946c6d666c
d2a7a173045c7ed2c9474ee0edd3ebc0389454132b0a16e55b3eae6402c46a05
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
dfcd0b2fb5b3eba3c9227d2743a4023353fb473600b9511a4868716c21cc08fa
e7eab04dcf0956e72a687d70cae4263e15a425ed4b4f7766ce8a84fb60edbc48
efaef84a6c93e303dc55f4febe140d3ad2f7f1655b25a0de865d1a00a2b67981
f5346003928ce35756d754b207e777261fc6b226caf252f5c07e302a3ed2accd
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d6ecb1737ecfa9ec03e37591b8feca3b47676e69348c2e586a983a94ea109b
f92c103734d0e349e776ee5fc47c61fb21cb735fec2b7344af0cb61cdc418118
fe211d11f1e3e3ab70ce6e6d12b1e20bf4b6a55cfa946f34a3f644883bf95065