wava.com Open in urlscan Pro
2606:4700:20::681a:cc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click1.members.salemsurround.com/kvhpfqrtkbtjgmmrjrfhzjfpkqjdkmptqkghsmbmttsllvr_iymzybmvbwynghvzdggg.html
Effective URL:
https://wava.com/
Submission: On December 25 via manual (December 25th 2023, 10:47:21 am UTC) from IN — Scanned from DE

Summary HTTP 255 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 66 IPs in 7 countries across 65 domains to perform 255 HTTP transactions. The main IP is 2606:4700:20::681a:cc, located in United States and belongs to CLOUDFLARENET, US. The main domain is wava.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 13th 2023. Valid for: a year.

This is the only time wava.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	74.214.203.11 74.214.203.11	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:20:... 2606:4700:20::681a:cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
7	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.239.83.126 18.239.83.126	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.48 18.66.112.48	16509 (AMAZON-02) (AMAZON-02)
6 24	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:49d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:8400:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.165.183.10 18.165.183.10	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 38	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	54.216.91.216 54.216.91.216	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2	68.183.113.21 68.183.113.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
13	54.77.143.29 54.77.143.29	16509 (AMAZON-02) (AMAZON-02)
2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.171.212.97 54.171.212.97	16509 (AMAZON-02) (AMAZON-02)
1 1	74.121.140.211 74.121.140.211	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	13.77.83.246 13.77.83.246	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:440... 2606:4700:4400::6812:2412	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1 1	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3 4	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 8	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2 2	18.172.242.100 18.172.242.100	16509 (AMAZON-02) (AMAZON-02)
1 1	34.241.138.233 34.241.138.233	16509 (AMAZON-02) (AMAZON-02)
1 1	18.245.60.76 18.245.60.76	16509 (AMAZON-02) (AMAZON-02)
1 1	141.94.171.212 141.94.171.212	16276 (OVH) (OVH)
1 1	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.169.85.6 69.169.85.6	29838 (AMC) (AMC)
19 25	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:25a... 2600:9000:25a2:ec00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:4325:b598:a92b:8a38	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.17.242.240 52.17.242.240	16509 (AMAZON-02) (AMAZON-02)
1 1	3.125.137.228 3.125.137.228	16509 (AMAZON-02) (AMAZON-02)
1	18.239.69.49 18.239.69.49	16509 (AMAZON-02) (AMAZON-02)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	52.70.125.191 52.70.125.191	14618 (AMAZON-AES) (AMAZON-AES)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.52.2.91 216.52.2.91	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	130.211.16.234 130.211.16.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
255	66

1 74.214.203.11 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

click1.members.salemsurround.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:cc (United States)

ASN13335 (CLOUDFLARENET, US)

wava.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.saleminteractivemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.swncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.83.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-126.ams58.r.cloudfront.net

xp.audience.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-48.fra56.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:49d1 (United States)

ASN13335 (CLOUDFLARENET, US)

salemlivechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:8400:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.183.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-10.zrh55.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad988b387e587728ded1160d3ba9f640.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.216.91.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-91-216.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.183.113.21 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 471495.cloudwaysapps.com

heysaltylady.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 54.77.143.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-143-29.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
katzmedia.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.212.97 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-212-97.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.211 (Reston, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.23 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.77.83.246 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sim-cms-public.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2412 (United States)

ASN13335 (CLOUDFLARENET, US)

idpix.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.77.79 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:8eee:: (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.172.242.100 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-172-242-100.bud50.r.cloudfront.net

ads.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.138.233 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-138-233.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.76 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-76.fra60.r.cloudfront.net

synchroscript.deliveryengine.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.212 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:445 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.85.6 (Commack, United States)

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 35.204.158.49 (Groningen, Netherlands) 19 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25a2:ec00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:4325:b598:a92b:8a38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.242.240 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-242-240.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.137.228 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-137-228.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.69.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-49.ams58.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.125.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-125-191.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.52 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.16.234 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.16.211.130.bc.googleusercontent.com

adobe.adhaven.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	googlesyndication.com 1 redirects feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 ad988b387e587728ded1160d3ba9f640.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	354 KB
32	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	438 KB
29	saleminteractivemedia.com cdn.saleminteractivemedia.com — Cisco Umbrella Rank: 327067	2 MB
27	simpli.fi 19 redirects tag.simpli.fi — Cisco Umbrella Rank: 4333 i.simpli.fi — Cisco Umbrella Rank: 3745 um.simpli.fi — Cisco Umbrella Rank: 780	12 KB
18	swncdn.com i.swncdn.com — Cisco Umbrella Rank: 98742	162 KB
13	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 208 katzmedia.demdex.net — Cisco Umbrella Rank: 95316	13 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com	376 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	207 KB
10	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	2 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	552 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	386 KB
5	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 138	23 B
4	pro-market.net 3 redirects fei.pro-market.net — Cisco Umbrella Rank: 2174 pbid.pro-market.net — Cisco Umbrella Rank: 7195	1 KB
4	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643 us-u.openx.net — Cisco Umbrella Rank: 491	980 B
4	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850 sync.crwdcntrl.net — Cisco Umbrella Rank: 799	13 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	179 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
3	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 408	149 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	7 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 98	3 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6765	669 B
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	13 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1661	2 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 499 d.agkn.com — Cisco Umbrella Rank: 686	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 465	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 546	712 B
2	scorecardresearch.com 2 redirects ads.scorecardresearch.com — Cisco Umbrella Rank: 2806	675 B
2	azurewebsites.net sim-cms-public.azurewebsites.net	5 KB
2	heysaltylady.com heysaltylady.com	436 KB
2	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1352 dp2.33across.com — Cisco Umbrella Rank: 11078	5 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	34 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	266 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 630	7 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1053	104 B
2	wava.com wava.com	19 KB
1	adhaven.com 1 redirects adobe.adhaven.com — Cisco Umbrella Rank: 43319	242 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 339	239 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 835	311 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 848	444 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1556	421 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 846
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6102	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	238 B
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 1812	72 B
1	ad.gt 1 redirects ids.ad.gt — Cisco Umbrella Rank: 1540	172 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2916	248 B
1	adswizz.com 1 redirects synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2348	452 B
1	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1824	339 B
1	media6degrees.com idpix.media6degrees.com — Cisco Umbrella Rank: 1668	205 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1031	697 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1110	517 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1308	632 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789	3 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	30 KB
1	salemlivechat.com salemlivechat.com — Cisco Umbrella Rank: 444861
1	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 4588	56 KB
1	audience.io xp.audience.io — Cisco Umbrella Rank: 91066	9 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1814	47 KB
1	salemsurround.com 1 redirects click1.members.salemsurround.com	295 B
255	65

	Domain	Requested by
32	tpc.googlesyndication.com	1 redirects wava.com cadmus.script.ac feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com tpc.googlesyndication.com
29	cdn.saleminteractivemedia.com	wava.com cdn.saleminteractivemedia.com feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
25	um.simpli.fi	19 redirects
24	securepubads.g.doubleclick.net	6 redirects wava.com cadmus.script.ac
18	i.swncdn.com	wava.com
12	pagead2.googlesyndication.com	wava.com securepubads.g.doubleclick.net tpc.googlesyndication.com
11	dpm.demdex.net	cdn.saleminteractivemedia.com wava.com
10	cdn.ampproject.org	cadmus.script.ac
8	fonts.gstatic.com	fonts.googleapis.com
7	www.googletagmanager.com	wava.com cadmus.script.ac
6	www.googletagservices.com	cadmus.script.ac feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
5	www.googleadservices.com	1 redirects wava.com
5	www.google.com	2 redirects wava.com cadmus.script.ac
5	feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com	cadmus.script.ac
5	region1.analytics.google.com	www.googletagmanager.com
4	connect.facebook.net	cadmus.script.ac
4	fonts.googleapis.com	wava.com cadmus.script.ac feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
3	cm.g.doubleclick.net	3 redirects
3	fei.pro-market.net	3 redirects
3	encrypted-tbn1.gstatic.com	feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
3	googleads.g.doubleclick.net	1 redirects feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
3	idsync.rlcdn.com	wava.com
3	www.facebook.com	1 redirects wava.com cadmus.script.ac
3	www.google.de	wava.com
3	cdn.jsdelivr.net	wava.com cadmus.script.ac
2	ib.adnxs.com	1 redirects
2	loadm.exelator.com	1 redirects
2	pixel.tapad.com	1 redirects
2	sync.1rx.io	2 redirects
2	ads.scorecardresearch.com	2 redirects
2	sim-cms-public.azurewebsites.net	cadmus.script.ac
2	katzmedia.demdex.net	cadmus.script.ac cdn.saleminteractivemedia.com
2	heysaltylady.com	wava.com
2	oajs.openx.net	1 redirects wava.com
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	gum.criteo.com	1 redirects cadmus.script.ac
2	stats.g.doubleclick.net	www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
2	s.yimg.com	cadmus.script.ac s.yimg.com
2	i.clean.gg	cadmus.script.ac
2	wava.com	cdn.saleminteractivemedia.com
1	adobe.adhaven.com	1 redirects
1	us-u.openx.net
1	pixel.rubiconproject.com
1	ce.lijit.com
1	stags.bluekai.com
1	sync.bfmio.com
1	pbid.pro-market.net
1	sync.intentiq.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net
1	global.ib-ibi.com
1	i.simpli.fi	cadmus.script.ac
1	ids.ad.gt	1 redirects
1	pixel.onaudience.com	1 redirects
1	synchroscript.deliveryengine.adswizz.com	1 redirects
1	sync.crwdcntrl.net	1 redirects
1	ad988b387e587728ded1160d3ba9f640.safeframe.googlesyndication.com	wava.com
1	ml314.com	1 redirects
1	encrypted-tbn3.gstatic.com	feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
1	www.gstatic.com	feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
1	idpix.media6degrees.com	wava.com
1	dp2.33across.com	wava.com
1	sync.mathtag.com	1 redirects
1	cm.everesttech.net	1 redirects
1	google-bidout-d.openx.net	cadmus.script.ac
1	id5-sync.com	cdn.id5-sync.com
1	mug.criteo.com	wava.com
1	sp.analytics.yahoo.com	wava.com
1	static.criteo.net	cadmus.script.ac
1	cdn-ima.33across.com	cadmus.script.ac
1	oa.openxcdn.net	cadmus.script.ac
1	invstatic101.creativecdn.com	cadmus.script.ac
1	tags.crwdcntrl.net	cadmus.script.ac
1	cdn.id5-sync.com	cadmus.script.ac
1	cdn.prod.uidapi.com	cadmus.script.ac
1	code.jquery.com	wava.com
1	salemlivechat.com	wava.com
1	cdn.p-n.io	wava.com
1	xp.audience.io	wava.com
1	tag.simpli.fi	wava.com
1	cadmus.script.ac	wava.com
1	click1.members.salemsurround.com	1 redirects
255	87

This site contains links to these domains. Also see Links.

Domain
www.wava4israel.org
www.bibleleague.org
apps.apple.com
play.google.com
www.facebook.com
twitter.com
player.listenlive.co
dc.discountshoppingclub.com
donate.focusonthefamily.com
alexa-skills.amazon.com
salemmedia.com
cdn.saleminteractivemedia.com
publicfiles.fcc.gov
dc.salemsurround.com
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-12`	a year	crt.sh
script.ac E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
cdn.saleminteractivemedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
xp.audience.io Amazon RSA 2048 M02	`2023-02-03` - `2024-03-03`	a year	crt.sh
pushlycdn.com Amazon RSA 2048 M03	`2023-12-16` - `2025-01-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2023-11-14` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-12` - `2024-01-31`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-03` - `2024-01-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-04-17`	6 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.swncdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-14`	a year	crt.sh
heysaltylady.com R3	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 01	`2023-10-31` - `2024-06-27`	8 months	crt.sh
dstillery.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-21` - `2024-05-21`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.ib-ibi.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-21` - `2024-04-02`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://wava.com/
Frame ID: 935E2F6D11F4EB35F963020FE8DC50D9
Requests: 134 HTTP requests in this frame

Frame: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 835FBE4071072786C5D5013F1E3AD9D9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=wava.com
Frame ID: 294A6C2442B099AB9F3EEF642D818D98
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: B23CBC5CCDEA06F572930EC8DA0CF7A5
Requests: 1 HTTP requests in this frame

Frame: https://katzmedia.demdex.net/dest5.html?d_nsid=0
Frame ID: F1ECBAE0404E88C2B2D5B7DF76986F93
Requests: 15 HTTP requests in this frame

Frame: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B0EA79FB4CC6AECBA38F3044B0E5D2D2
Requests: 7 HTTP requests in this frame

Frame: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CE0EBE59C87B9EE638C2AB4C7C24B548
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWiHzmowxc4meB4ke52FP5u1BNm0nT6DPMu3yqeDchBjbHspwuBD04ldbzr3XnfidCf0AN06On1dhrcJ17txipnsEVhfHtEjRHCJHBfoI2RsM5DRZuukE47NDqEbmSc8Vc_Xg51-x7rfte3wlskC-unq58FE5bVb-iBfg23Q5SWqr0faeNg0cFwkZCcI0a-3WIJejgyRRcRxhWiMdfb7JVzjF5hMd5myLR_N1qo_CHuvbCnw2Su04M-1W2p3EoUVzldkQtWXmuYjov1WwgG4J1-0J8up2BLaNJHFTERy4x_Mi-wMRPWdeOYLzozZYNVi4XKEURXm0F4U_8_C4SP3pgKD5bgTbdjVqqrGeYbfxi&sai=AMfl-YQsaLeUjEAgY8_3UMLI7FXsYlXH4oWuDFIDd20YFO4bwIVWOqoX1zIaYo2_uk5SuH6wPxBWQS0_65VrF5SJzE1C2Ff_QJEoiCrf_hYxvUEiV7usSAIhM9FcmSykLfdpPSFLLjj7r6swCxjGkz6qQ04K&sig=Cg0ArKJSzLQun2IKLCKgEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E7C827210C03DCE275F16A1D6F62E649
Requests: 11 HTTP requests in this frame

Frame: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B9AE8BDA6DF66431FB161D2DB9B53760
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 87B9F0AEB390E6594BB1B24C2CB8C3E0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: E678771D854A198694A3D381B6C65F3E
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIW1USDjc0okHB_VOFrxr49JuS1c6cXUU1KF5uWjb6t2whVjuTXemmoPYFqAc8AXG_ceH-2I5XHe5Brlmc8Gu0HdQrwrJbr4DWJqCkr41UmbZuQzoX39GBRRAtvOctJ2k_zjYrIAOP7Wj7t9rpk2co-BvPU188WYFohIdO1tYj6VmEKHbtLkzSw5W5_N3Z2kl_6NRoD9QmaCb2S01BhpW7fT4v0fCXjRXtXohHiGL9yzzO42VaF_NSO4qk3Eu9LFWt1GBKS8SotXNHC-hwRWxR42f-QQDA1CAXBdsrpwb1Izj9WM6KsujxnlxCDnaWLPcNjloVv0YiF2Q1mYwMvs-QVaZPWPaI96C0tfHk&sai=AMfl-YTjqU6nGikTIsPX-3MdZPNlb4BpMY3Ddk0nt74lCxYjUbN7vOWBrxKWJGdVEoAFX5eSiBsa7vUKoqOmlRFap75pgToTdy1ViUbxhkm-W9PbC0eEcF4g0ff4-V53sowBSKnkIru_SDRtECmjzV_9tMz8&sig=Cg0ArKJSzNZKVI68poNnEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: F0A1D78566D2A92728E3C07FCCE3A818
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: D227968BD6884332B6B11A74E0E9394D
Requests: 1 HTTP requests in this frame

Frame: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3234408DC0AA2124A42CF94022ED8543
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4801678927716155392/index.html
Frame ID: 6E685F36425EF035B7AE56FF419312A7
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E4BFE6FD6DC2A0667DAF0FA27D69D198
Requests: 2 HTTP requests in this frame

Frame: https://ad988b387e587728ded1160d3ba9f640.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 084E47079519E355ECA01CD0CB5830C0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 219A7A161ACAC647CE46604EC0A4ED47
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BB43D0E170AD01FF06A91D80D06E4EEC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EF2148F1E39FBF51DF0624C5A919098A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: C8AE2C75ECDD7E9C8655D4C5AF94F674
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3ef507736371d8%2526domain%253Dwava.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwava.com%25252Ff1fa4849cadf37%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWAVARadio%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500
Frame ID: E264C96C7C1639EE5B6916C3294D0993
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 60624A835027580FC02AEDC839931F70
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7D7DFBD489895B102A09D53034D30BD7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to WAVA 105.1 FM - Washington, DC | 105.1 FM WAVA - Washington D.C., VA

Page URL History Show full URLs

http://click1.members.salemsurround.com/kvhpfqrtkbtjgmmrjrfhzjfpkqjdkmptqkghsmbmttsllvr_iymzybmvbwynghvzdggg.html HTTP 302
https://wava.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

255
Requests

85 %
HTTPS

44 %
IPv6

65
Domains

87
Subdomains

66
IPs

7
Countries

5027 kB
Transfer

10528 kB
Size

48
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: http://www.wava4israel.org/
Title: call 800-664-5300 or click here to donate!

Search URL Search Domain Scan URL

URL: https://www.bibleleague.org/donation/fan-the-flame-bibles-for-asia-spring23/?media=WAVA

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/id366621318

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.radio.station.WAVA.FM

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WAVARadio
Title: Find us on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/WAVARadioNow
Title: Find us on Twitter

Search URL Search Domain Scan URL

URL: http://player.listenlive.co/57651
Title: Listen Live

Search URL Search Domain Scan URL

URL: http://dc.discountshoppingclub.com/
Title: Discount Shopping Club

Search URL Search Domain Scan URL

URL: https://donate.focusonthefamily.com/ffapl-23ye?refcd=1758604
Title: Double Your Impact for Families

Search URL Search Domain Scan URL

URL: https://alexa-skills.amazon.com/apis/custom/skills/amzn1.ask.skill.8090b957-e612-4e31-a830-f8ee1aa117e7/launch

Search URL Search Domain Scan URL

URL: https://salemmedia.com/ccpa-sale-opt-out
Title: California - Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://salemmedia.com/salem-radio-stations-ccpa-privacy-notice-for-california-residents/
Title: California - CCPA Notice

Search URL Search Domain Scan URL

URL: https://salemmedia.com/privacy-policy-for-salem-media-group-radio-stations/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cdn.saleminteractivemedia.com/shared/docs/terms-of-use.pdf
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://cdn.saleminteractivemedia.com/156/media/eeo.pdf?t=2023-12-25T10:47:14
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/fm-profile/WAVA-FM
Title: FCC Online Public File

Search URL Search Domain Scan URL

URL: https://dc.salemsurround.com/
Title: Salem Surround

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjss2NrLjdJOX4n-0W4GAL0pRsoOdxOCL5m7EPM_Av3asLeLb7O_qAky2BP21EStf1Qoyo993SpESQgzELzlAbAApWA0SffTUeOl1yLs6me_Nyr_Dx8NI6klb4FRRO69ZeE_MPp9azXVEXX083DR0moyrItWDXzUTpSeBedilyxBrN12tIVTnmrlCBK35Kx8nk2XWSXWu2E-io8Be1ToUl_8KOLkwvjVbzK_sGMa_dwjqi88jK8e6CpEHUYM4a2mZnATR883Cddh8KDhaokb-qVCJxfEPDIewL9ZPJlkQIvpGnog4IUWesUP-s3KYS90ct_S15u4&sai=AMfl-YSHvW4G67e8xtvgg8l13chbq5xFljy8oEAXi82vhV8QtZrAA16N5lHCpsi--Nu2Or-MTLPXe2K1eWg5ysAHuJCjtio5pR-ez3qKMKmiqJn_7QERWfmOxsaoQMlckDHUKuo7hgnlDuYpmw021eF2h2gC&sig=Cg0ArKJSzLT8cnxT7VxPEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://wava.com/salemnow-why-the-nativity-movie

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsshwtyrtqkYDI3pWnRdcP_W5VZ3PlUTLwdkGml3xiAMdV1SelmIPRYVFUiXBxuTCKAB-cVMwZOVInKI-Aw-LFtkUqbHC1eaC1kfoLrtfcPHLfa0ehdwoVJFH0cF6301HUIrNNYFg31WaGJAdFiW5XycPrn4VqJdgmRw5j15-jxMgXwNfYNSSdp7AdXM2boogNibupicxz_kejng5kC6bhc59er592XpZwRP9-W-OXndOIVm2zt1JSor9kmpMXgDrxfSFtiGPCtKbmKnCnIzvSdl3cBkaYazfXkQvCuwNcQ1nlf8MPx987akPs3roQd6gENkyEo&sai=AMfl-YRqj22E7Y9kOECdKX8riyXYsA0mKjZ_RgTOuvjECvphhMCOXGOH0rCWLFzzogkRxOb6B7vp37BeUVMXvAR50g6chbnM47nOTJiviX4qOqcGgv_ccfZx8bUwERaX5ZKvfp1T-89BICVi_r2QnpWJcXhC&sig=Cg0ArKJSzDdhGWrW-RdyEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://wava.com/salemnow-why-the-nativity-movie

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click1.members.salemsurround.com/kvhpfqrtkbtjgmmrjrfhzjfpkqjdkmptqkghsmbmttsllvr_iymzybmvbwynghvzdggg.html HTTP 302
https://wava.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://oajs.openx.net/esp?url=https%3A%2F%2Fwava.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwava.com%2F&rid=esp&cc=1

Request Chain 62

https://gum.criteo.com/sid/json?origin=publishertagids&domain=wava.com&sn=ChromeSyncframe&so=0&topUrl=wava.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=IW8sOXx3cjlXeTdPaXlSQlR3cWJ4ZGtnejFxaXVKeXJtbWQzY2tkZDhrTUFmRXJBWWRxbGpkOWcyY3JJazl3UnNEdGJPOElNczk1NStrcTY5ZHJadlY1TForaDArL2F2L1hwVmV4UDRRZ1dKcWFOYmpHTVVYNEtQY1RUMGlzNElsQm5EbWc1YTBHWGNpU1BZY3pKcXgrL2M0K1ltYVhDQURTV0R0WlVVZVlnV1BnaG9OSXRqWDZOeGVhVGRtTVpyVzBIR2VnZ1FpNzRSdnpvRDYvUDRjeDE4REN4UTlJTHY1MUlDTlV3WDNNMTdldGRzNTJNREU0TklReGx1d2t3akNVa3JVRmQ5bi9yOHZ4cUhlT2k5aDBDQXN6dz09fA&cppv=2

Request Chain 102

https://cm.everesttech.net/cm/dd?d_uuid=62989169264508439662293047501763076553 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYldswAAANE33wOV

Request Chain 103

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=62989169264508439662293047501763076553&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d62989169264508439662293047501763076553 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=0bbc6589-5db3-4d00-9f68-a46a42649d60&ddsuuid=62989169264508439662293047501763076553

Request Chain 151

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstscuGdjLjPQQhEFyxcJwBHLInhfV75xmvpQ8I6vlApUUJ7q7YZOmbGAypQAXG6jITqdlmH5uyzvFA9txGjAbsEoVNvimM-hBwurKqYPjcMYmzOTjs8T27EJy7gffH-w1xrD9NByMP07Y8m18faXvG9ZIp9TlcwUZd0W0FBvVVci8Blunr1OaBvkddMRcbY8wOYt0bTLLIvQaE2PGIY652-jRMXvsAWpyS2cJpKDZYUBIMznke-zxm_9vfz8uOE3E1wWeHPYeypuujNcVdFNKfzHAXAnCZK0GDlQJa1kZtRq5XzYwkXK9Qp9fwQx62OLnXcZ-5LJ81Q4pByO_80pG7ERZxtJNxtCq_lGoDXbCLO&sai=AMfl-YQ7dcimXvK1h128ej3HN2t_nskuhMEg31USIdwWW8Fwgxhy-Lts3pTVZmfMCw7j5Uyw5OO7F404adIN8OxSO4QLTq4NZX_BYoeBT8aHOXLVqSHTAPkaqS1KwTlhDgOAUBEjfHZQGimHzAhseo3vih2b&sig=Cg0ArKJSzCkXYgAcNRqzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=https://cdn.saleminteractivemedia.com/187/media/national-promotions/salem-books/holiday-gift-guide/salem-books-holiday-gift-guide-450x75.jpg HTTP 302
https://cdn.saleminteractivemedia.com/187/media/national-promotions/salem-books/holiday-gift-guide/salem-books-holiday-gift-guide-450x75.jpg

Request Chain 154

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjyHKGTOWEQ1-tgycn-7x8Jvp_KaxG_g2NfSKHJUXPUpbnYoR9gX_Nr0b5B-m8f5wRjLI0XJ5t8SJa4Kj2bWYF4tVFVDAXc7zgHwCL73VtcT6g4_SuXFGdHM5kHRA4BFj1bz5QAdzrOFTg8fqGLcPD_EY2YCsdKxGfWwTby9pOTYoQgr-oK41uUaUCFDyendN7XjdrUWDxV6vn82zQhOeof4PCAmWigRpV7Q86kRZYqAWSGjD3WaHMbhS46asXuCRLpe1GJJHB2isjjJ-bFFowRfQ_S_zzfz723f2RqWqGImpj-WQxBxFC8CqrJlmjcMH3uBgwcHPvt7JCeB1ZKW9LhkRNis69tL_WpJ6ba0XP&sai=AMfl-YQS76CncFqQ51QXl63kQ5gsG1RicNj1bYAt3OQEMadXVuP9_jhLN7g4ifZUVpJvD1cIO6EOXz4EKpwELDkTp6jfxttENgFFCDgG3kh2nAVmo1Ijn5u-qh2QHBkA6fyy2JjG7EghKtYt4M4tgACbYyNG&sig=Cg0ArKJSzAZ3Fe_0QMwPEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=https://cdn.saleminteractivemedia.com/187/media/content/heart-happy/sweepstakes/praying-through-the-bible/praying-through-the-bible-book-giveaway-300x250.jpg HTTP 302
https://cdn.saleminteractivemedia.com/187/media/content/heart-happy/sweepstakes/praying-through-the-bible/praying-through-the-bible-book-giveaway-300x250.jpg

Request Chain 161

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODc6ZLHhQEQ0A8Y0A8yCHN2A60O3Inw HTTP 301
https://tpc.googlesyndication.com/simgad/17491665642073105354

Request Chain 165

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3640879971541975169

Request Chain 176

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 179

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=62989169264508439662293047501763076553 HTTP 302
https://dpm.demdex.net/ibs:dpid=575&dpuuid=1779347428295919859

Request Chain 183

https://securepubads.g.doubleclick.net/pagead/adview?ai=C6YIysl2JZffHFP2T7_UP6MqiiAna6Z7vcYrD09_tEY-2nLr1PhABINHtoBdglQKgAdW236IDyAEJqQJx9dySZnqyPuACAKgDAcgDywSqBJUCT9BaZc-G5iDjLlpf_jfRU0HvFUuHov7mfwJZDqM4aCcK4-iCNMIu9-sjIyvR8oS9S1c1xXt1eT3HgP2ABiNjmo5P-W71qtuWTKVIrQgF2cZvfLO2t97Qqo0zDrMbi8YkSmqYiS97qQhvg4cHyyyiSx2CRH_Qe01d4c046jD0lskFAXOgVIBlRwSQwB_rUoOS8nFlZXf91hA3_v356ysng_Hnw5LNN7S1zJ21fvcpqcZnfe4E3EuOEQj2r8fBkF9OL1brNKn4_h4EE7HyG-1flnIX6ywoahQw-ldDBOirFqwFOTN3SHnrW3UifhJajtnSMbRv0T5sHGNIXH1nD-bu7q_ypdleehlYfQLTOwXhZrx6k3hW6cAE_cmazqwE4AQBiAWMzqzmS5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeTyaBdqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEMzLJNIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYutjGz7SqgwOaCSZodHRwczovL2VkZWxzdGFobC10dWVya2xpbmdlbC5kZS92ZG0xMIAKA8gLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQLiDRMIs73Hz7SqgwMV_cm7CB1opQiR2BMOiBQE0BUBgBcBshceChwIABIUcHViLTk0NTA2NTUyMDk4MjQ2MTcYrdIVshgDIgEA&sigh=Bpq9ERqQ7oY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_R0NJpuBm3d_AJGk3i9sl13tgJ2nMX8eNTip8Y4ic9UYulP-e4RUuClPzbukuPsmh-47crBzE9cXSv-Zwe3r4wcUrhA8hO663GFUYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212715961018762150041%22,%22debug_reporting%22:true,%22destination%22:%22https://edelstahl-tuerklingel.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22878173013%22],%2222%22:[%22true%22],%224%22:[%2212-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227240446182029298817%22}&andc=true

Request Chain 187

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=62989169264508439662293047501763076553&rn=1703501234883&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D62989169264508439662293047501763076553 HTTP 302
https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=62989169264508439662293047501763076553&rn=1703501234883&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D62989169264508439662293047501763076553 HTTP 302
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=62989169264508439662293047501763076553

Request Chain 189

https://securepubads.g.doubleclick.net/pagead/adview?ai=CIIVxsl2JZfXHFP2T7_UP6MqiiAnu3-j_dP2fjIKMEq65hq6MDhABINHtoBdglQKgAe3C2bUCyAEJ4AIAqAMByAMCqgSWAk_QuxyEmcPN1oMqs1GkMuZ4uEB_ehFfE4p6o0nN_VLa1b6jQioPmaC90rC4hG3RQz5cTjTFfgNTwrtcsWe8rGizkeBqHxdpuoSp_Y8VD_lhi04yleStkaMYfceUbHxi7FiUXflME3BWyCgzpp4U_tgjlxHjzQS6taTLmqELpNKzRw2UsvdVKNuxS16vDTsjhj-r5jZw6NkUSP1zQGDZnTcpHn5MEWCLl4o1c5g_3Rtf9j-Y4jo1K_eyVyg4laQOFf54qZFTYLc628RNPAF5TlfoFIMqW1pP843DgdQvQiwaeNXb-OOxag3AoZz21uOFSgif15eh1DPKrTF4fnJmHuAn-VPO_yX8W_3VyxgsLYKCl8VVQgrpwATq5KjJzgTgBAGIBeTo-N5NkgUECAQYAZIFBAgFGASgBl2AB_u8psoBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQhrgn0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOli62MbPtKqDA5oJvgFodHRwczovL211c2NsZS1ib29zdGVyLmlvP2JyYW5jaC1uYW1lPWdvb2dsZSZ0ZXN0LW5hbWU9Z280dGlrJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJmNhbXBhaWduX2lkPTIwODY4NjQxODkyJmFkZ3JvdXBfaWQ9MTU4NTMwNjc5NDAyJmFkX2lkPTY4NTAyNzEyMTY5NCZ1dG1fdGVybT0mcGxhY2VtZW50PXdhdmEuY29tgAoDyAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAuINEwixvcfPtKqDAxX9ybsIHWilCJHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItOTQ1MDY1NTIwOTgyNDYxNxit0hWyGAMiAQA&sigh=k8jLMlwzgSg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_R0NJpuBm3d_AJGk3i9sl13tgJ2nMX8eNTip8Y4ic9UYulP-e4RUuClPzbukuPsmh-47crBzE9cXSv-Zwe3r4wcUrhA8hO663GFUYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224700206781965469144%22,%22debug_reporting%22:true,%22destination%22:%22https://muscle-booster.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22649486701%22],%2222%22:[%22true%22],%224%22:[%2212-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229749961760483109953%22}&andc=true

Request Chain 193

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=62989169264508439662293047501763076553?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Request Chain 200

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=c6a353ce7b858fbabc1fe2ba6e85638c

Request Chain 202

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS8lij8vsTSvGTvFwGmJ6_7n4LSrNUv1QZuU8A0h6jQQQUZm7j0xKRcX7XHUHhVxyaG1GdkH7A5iNl5GHgAs68gteuXE_uDP9aJqJcY3tpOoGxMKF2lUZaLi38AVm9E7-v0T6mbXq0Z4fkEow_cmEAHG5yoOClkf4XMp0tackR9I6I3hrbomM3XbrEuSU1C1fGjFcInuomkhZvSOz5eytfkr8Ht_ifI9OwmamVONKOHVKAVHq9EBdk-EQsi9z7BTBztVu1friU6fXzhBy9KkJIFuVGMG1r1AA6DSvYOEKX56_NdabxFFIKi70AaWHbAl6DJdEMngcKL4xHA8U7WTHOjg9L6ReioA&sai=AMfl-YR0cEgbdx22roHZX-Lf-WDTueb5H83lswZFCQM-73qIXq-qNp2CpSbKZ_ZVB_NLBGVQ8-gtSX0YxsGsaWVwwmmGjLIR0llNLFSescXsZFVfFGc5vaYkr8YMWsyHdvL7-yVXZ1UhyOp1ZgD5W_CFfq2M&sig=Cg0ArKJSzOksCyKSPk1zEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=https://cdn.saleminteractivemedia.com/186/media/salem-now/why-the-nativity/salemnow-why-the-nativity-780x680.jpg HTTP 302
https://cdn.saleminteractivemedia.com/186/media/salem-now/why-the-nativity/salemnow-why-the-nativity-780x680.jpg

Request Chain 203

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstp3_XWsObEIm_uIGnHrUr2ilZGE4-5RiavyWIXFu1xT-YyjTFcyvGHIUPqXXU7oHyIshZUnKFHKmdhB2UxMEJv3yqIpk-5rRMl9lj6xABEOfkCGc75MImqFd64Cg9RgDdAZQZXppKY1VpBTrzxLs3CiIRvvkMJ88Nh_jIRu6T5cSJIBEUR1m_xB1jVlNcCDju29ibv7cY5zS0oZhVrjiz2fE4bd8HV4Zopx8uhI3m8NnIVcblykjXa_a7m5ALpTzhoFDYSkVlmTu5hyT6bidYinSKbdFuMUGagr9HJ7wrIv_NEt1g2JiswRJ7sMlBOxuxSlxJs8FcrS-0&sai=AMfl-YTHeO_4QUS3EiS5Ggnmp_NFWaPVTLQgne8UJ5mOl4TztCxYD3WhWZzCP4zNCHc_WVCK0gsH3xrpkVVtN1eOP6ae3tEXesOqyK-XvYZZpshVmspaFULy4pmRjBFFPwE7wd9JQ6ip6f6qSHBWM_n4KUT7&sig=Cg0ArKJSzCEwKmnV93TtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=https://cdn.saleminteractivemedia.com/186/media/salem-now/why-the-nativity/salemnow-why-the-nativity-728x90.jpg HTTP 302
https://cdn.saleminteractivemedia.com/186/media/salem-now/why-the-nativity/salemnow-why-the-nativity-728x90.jpg

Request Chain 204

https://pixel.onaudience.com/?partner=130&mapped=62989169264508439662293047501763076553&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m HTTP 302
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=

Request Chain 217

https://ids.ad.gt/api/v1/put/adb?adb=$62989169264508439662293047501763076553 HTTP 302
https://dpm.demdex.net/ibs:dpid=348447&dpuuid=203e9537-92a2-4e7c-9402-1ea1498246aa

Request Chain 221

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=327608680664365&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ef507736371d8%26domain%3Dwava.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwava.com%252Ff1fa4849cadf37%26relation%3Dparent.parent&container_width=300&height=400&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FWAVARadio%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&width=500 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3ef507736371d8%2526domain%253Dwava.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwava.com%25252Ff1fa4849cadf37%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWAVARadio%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500

Request Chain 227

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=47440E3F6C204311816184C3BE820E2D

Request Chain 228

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/47440E3F6C204311816184C3BE820E2D HTTP 302
https://sync.1rx.io/usersync/simplifi/47440E3F6C204311816184C3BE820E2D?zcc=1&cb=1703501236858 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-02e4ac9c-957c-4d4e-ac0d-68628701c399-003

Request Chain 229

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=47440E3F6C204311816184C3BE820E2D&dongle=yf3

Request Chain 230

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=47440E3F6C204311816184C3BE820E2D

Request Chain 231

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=47440E3F6C204311816184C3BE820E2D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=47440E3F6C204311816184C3BE820E2D

Request Chain 232

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=47440E3F6C204311816184C3BE820E2D HTTP 302
https://d.agkn.com/pixel/10751/?che=1703501236713&ip=178.162.209.134&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219753204741001340688 HTTP 302
https://um.simpli.fi/aa_px?sk=219753204741001340688 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 233

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=47440E3F6C204311816184C3BE820E2D

Request Chain 236

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=47440E3F6C204311816184C3BE820E2D;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=47440E3F6C204311816184C3BE820E2D;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTM3MTg2Nzg0NjY0NzY1NTQ3NDc= HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEJNb1cCrhCqjMWjhf0b8G8Y&google_cver=1

Request Chain 237

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=47440E3F6C204311816184C3BE820E2D&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=47440E3F6C204311816184C3BE820E2D&j=0&xl8blockcheck=1

Request Chain 239

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=47440E3F6C204311816184C3BE820E2D

Request Chain 240

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=47440E3F6C204311816184C3BE820E2D

Request Chain 241

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=47440E3F6C204311816184C3BE820E2D

Request Chain 242

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=47440E3F6C204311816184C3BE820E2D

Request Chain 243

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=47440E3F6C204311816184C3BE820E2D

Request Chain 244

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1703501236475&cv=7&fst=1703501236475&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=111215802&cv=7&fst=1703501236475&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=tF2JZbfdH7qY78EP8e6ekAg&sscte=1&crd=KAE&pscrd=IhMIt4fP0LSqgwMVOsw7Ah1xtweC HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=111215802&cv=7&fst=1703501236475&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=IhMIt4fP0LSqgwMVOsw7Ah1xtweC&is_vtc=1&ocp_id=tF2JZbfdH7qY78EP8e6ekAg&cid=CAQSKQAvHhf_2jIf7TZeNRr42mY1FX7lRwjkDLGtMU3XrtUIJboGErMa_hSt&random=924653783 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=111215802&cv=7&fst=1703501236475&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=IhMIt4fP0LSqgwMVOsw7Ah1xtweC&is_vtc=1&ocp_id=tF2JZbfdH7qY78EP8e6ekAg&cid=CAQSKQAvHhf_2jIf7TZeNRr42mY1FX7lRwjkDLGtMU3XrtUIJboGErMa_hSt&random=924653783&ipr=y

Request Chain 246

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=47440E3F6C204311816184C3BE820E2D HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D47440E3F6C204311816184C3BE820E2D

Request Chain 247

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=47440E3F6C204311816184C3BE820E2D&expires=365

Request Chain 248

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=47440E3F6C204311816184C3BE820E2D

Request Chain 249

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESELEw2MS4As5k3-xYl0XUS4Y&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=47440E3F6C204311816184C3BE820E2D HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 254

https://adobe.adhaven.com/bid-engine/cs/88cd52b8932ea1f9237bcd284fae8923/v1?puid=62989169264508439662293047501763076553&rd=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D87898%26dpuuid%3D%24UID HTTP 302
https://dpm.demdex.net/ibs:dpid=87898&dpuuid=4c_e98a8309-1f88-4843-ab7b-86020536f712

255 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
wava.com/
Redirect Chain

http://click1.members.salemsurround.com/kvhpfqrtkbtjgmmrjrfhzjfpkqjdkmptqkghsmbmttsllvr_iymzybmvbwynghvzdggg.html
https://wava.com/

91 KB
19 KB

592ms
485ms

Document
text/html

2606:4700:20::681a:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wava.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5efd508ab758291f1622f3652fb2828e6d5e3dbf5a1cdf0e1adbabf6ee5e163

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: Request-Context
arr-disable-session-affinity: true
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 83b08133cc7265c1-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 25 Dec 2023 10:47:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: autoplay=(self)
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2sd0iKuxdPrPQTbuMvpmlyX%2BcMPYisJMHcf9fd4CUlGbLc4WQpif1XMwACIjBDmG4vyzkumJ%2BebqmdYtMV8nbx3lkjo3a0Rq8SKH2HHi03VeewMku82%2BSbksh%2BoRtRPdbdw9k51"}],"group":"cf-nel","max_age":604800}
request-context: appId=cid-v1:82653370-b0cd-4f4c-8872-b0311da976c6
server: cloudflare
vary: Accept-Encoding
x-aspnetmvc-version: 5.2
x-frame-options: SAMEORIGIN

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html;charset=utf-8
Date: Mon, 25 Dec 2023 10:47:12 GMT
Keep-Alive: timeout=60
Location: https://wava.com
Server: Apache-Coyote/1.1

GET
H2 200 smart-app-banner.css
cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/ 6 KB
2 KB 60ms
27ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/smart-app-banner.css

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6568273e9d257a19332421d7a519b3ae0f8a564e76aca9f603e848521f341db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2364082
x-jsd-version: 2.0.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230060-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"18e0-Q3YhhM4JpT5zqjU4KPdCD53yYoM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzhk7ZC2GrcKMJHSy5l3vG6LpJVSjzLvKLAyc7ecNi8oShQ05bLDesaHCD3TsSJxF7tXLJOzkvc8Z9XQdvZFvWHCXOoX0BGKJD%2FApoHokfQTvWT3PYQZxliJ2xs8%2FkWFSHNcEsIRR6OJXnUHTwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83b081371bf8bb4d-FRA

GET
H2 200 script.js Show response
cadmus.script.ac/dfsb9ln9frexb/ 134 KB
47 KB 104ms
66ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e55979958f32733f64f70149f23b6d92aa83a65cfe031c1883b8963ae461842

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
content-encoding: gzip
last-modified: Wed, 20 Dec 2023 16:21:21 GMT
server: cloudflare
age: 0
etag: W/"dc70fe6d240944175a1cc70996f1d2176dea2ac6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 83b081371aea30f9-FRA

GET
H2 200 visitorapi.min.js Show response
cdn.saleminteractivemedia.com/shared/scripts/ 63 KB
23 KB 23ms
21ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/shared/scripts/visitorapi.min.js
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: ec117a86e37ce5d803887e844fd859f9380d3c825793279d7602e75cd7423e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
x-cf-tsc: 1702510043
content-encoding: gzip
x-cf3: H
content-md5: uCVvGCcd0xy/+yUKnC8B2A==
cf4ttl: 2591749.000
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:H
x-cf-reqid: 36185be090c60cf6d7197c4ffe1475f2
x-cf2: H
last-modified: Wed, 26 Oct 2022 19:37:11 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DAB7897A41C2A5
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 251

GET
H2 200 dil.js Show response
cdn.saleminteractivemedia.com/shared/scripts/ 34 KB
13 KB 19ms
17ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/shared/scripts/dil.js
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: d610218a7547090c39359a77303c58a4eaf7ccf19ce108fe395439dc7d4121a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
x-cf-tsc: 1702510043
content-encoding: gzip
x-cf3: H
content-md5: MAI2FIj0ebxtyPvThr96IQ==
cf4ttl: 2591749.000
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:H
x-cf-reqid: 09a051d83411a79b8d7881e329042b21
x-cf2: H
last-modified: Tue, 13 Jun 2023 18:42:12 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DB6C3DE7125E2A
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 250

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 129ms
76ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q8YY0N65FC

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a209e3f03b7288042d3a4bde7b9f78eaf06a899315d4a7138e371af6279989ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93033
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 10:47:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 25 KB
2 KB 77ms
31ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,400i,700,700i&display=swap

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd15389ad5ea417d930260a6273f7eda00fb8c4448de99eb6f4eafa32c08050e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 10:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 10:47:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Dec 2023 10:47:13 GMT

GET
H2 200 head.ad72ac0fc94d30c41cc6.js Show response
cdn.saleminteractivemedia.com/dist/static/js/ 2 KB
1 KB 18ms
16ms Script
application/x-javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/dist/static/js/head.ad72ac0fc94d30c41cc6.js
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: e03be07ff491f40cd345d017545075718438fee1e5d3f7b9e36d08a0f9bbc9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
x-cf-tsc: 1703091581
content-encoding: gzip
x-cf3: H
content-md5: ks+ziZVIsBAUGl2EuSwwyQ==
cf4ttl: 2591791.750
x-cf1: 34174:fE.fra2:co:1703091353:cacheN.fra2-01:H
x-cf-reqid: c539936b3e3ad3893d40b989514ae4a9
x-cf2: H
last-modified: Tue, 19 Dec 2023 17:42:38 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DC00B9E4AA59B0
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 208

GET
H2 200 wava-fm.css
cdn.saleminteractivemedia.com/dist/b67e3280/site-css/2018a/ 184 KB
37 KB 101ms
43ms Stylesheet
text/css 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/dist/b67e3280/site-css/2018a/wava-fm.css?hash=c7a18f9d72750f10a7a2
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 38275885fb99d160c29d531207b23c29bb2e4b23250d60ecc8856e33e95cae32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
x-cf-tsc: 1703501234
content-encoding: gzip
x-cf3: H
content-md5: 92KJS9HDdVFcJ6/7XXKdrg==
cf4ttl: 2353576.250
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 4cb0636fc3e3ac384bb8b5b8bafdf05a
x-cf2: M
last-modified: Fri, 22 Dec 2023 15:22:53 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DC0301DE03EFDD
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 238423

GET
H2 200 a2fee930-b8b0-0136-d8da-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 134ms
23ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/a2fee930-b8b0-0136-d8da-06a9ed4ca31b
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: bee03ff2d8109861f8ef2a448b8c841538e03d83cd52a1cf9129d2f4d2f676e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:13 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F6QNWMbiPosIovsSlrED
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 widget.js Show response
xp.audience.io/ 37 KB
9 KB 100ms
19ms Script
application/javascript 18.239.83.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xp.audience.io/widget.js
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-126.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e30feafcd25ddef80852b736f1d589a7b3ece7d00b045e0e68b7479f4a70fd5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 17:09:00 GMT
content-encoding: gzip
via: 1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amz-version-id: 4u.UV.sWhJULJ41wO1YHmAljEgy2KKC7
last-modified: Wed, 20 Sep 2023 20:10:50 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 322693
etag: W/"b10d43e775267b220f0bbf57271e9093"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: s-maxage=31536000, max-age=300, must-revalidate
x-amz-cf-id: C7TjxpmyfTrGFs8ctU35tnNulAXoDOTkBaN3ELBifqyvUy4aquIzGg==

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 272 KB
56 KB 514ms
474ms Script
application/javascript 18.66.112.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=vNVufLotGwu6gxamUwUcGGdSkPQmv1W215PJ
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-48.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af62c27f0966dba7d5378474ed00df607ee9d622637d5759f0da2c1003359d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
content-encoding: gzip
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
last-modified: Wed, 20 Dec 2023 16:30:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
etag: W/"5d7faf0ba5f0eb3933b9c20baffe147a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: Rpx09ZI2XazGLG523BXFQpl6rfb6stV3wEl-gTj7c-eKenC3OJCEYQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 140ms
87ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b6ad6159704469de9025f78f86a21acae5e9c73202de9e7e5ab7a85cb51d040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29366
x-xss-protection: 0
server: cafe
etag: 689 / 19716 / 31080057 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 10:47:13 GMT

GET
H2 200 smart-app-banner.js Show response
cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/ 25 KB
9 KB 23ms
22ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/smart-app-banner.js

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c60bb4ab3dddedd4afb6c16f8ccb89f6cfdb6676014da18669318a15f67e1ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3916609
x-jsd-version: 2.0.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230127-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"63df-zaXYbgdCCfJOt2MRbGfFxbMV9Dw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F95RqNG1ZB7QHm8VIMkFFjr541OUwHBGiXSkiq4%2FRsLKcdHreIwbNbJqiayojvwDFIAndjiwjU4TUFA3cevCPUlsKp7PD%2FdYVpFj4B%2F%2Fx9X3z6D9G4zmRCgRw8ThFL%2FvBLt7%2FQAx8QjnRYRbsE4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83b081378c8ebb4d-FRA

GET
H2 200 invitation.ashx Show response
salemlivechat.com/scripts/ 0
0 726ms
668ms Script
text/javascript 2606:4700:20::ac43:49d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://salemlivechat.com/scripts/invitation.ashx?company=wavafm
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 app-store-badge.png
cdn.saleminteractivemedia.com/186/media/mobile-apps/ 2 KB
3 KB 12ms
12ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/186/media/mobile-apps/app-store-badge.png
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: d6f3280b7afb3096ad2c19bacfe5eedd55d3b4434dd98f855430e13f40a767bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
x-cf-tsc: 1702511096
x-cf3: H
content-md5: dTUx8/yLPW6CKEvfjxIALg==
cf4ttl: 2590696.500
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 3ccce044879950f7df377f6967688cc7
content-length: 2220
x-cf2: H
last-modified: Tue, 09 May 2017 19:36:06 GMT
server: CFS 0215
x-cff: B
etag: W/0x8D49712A3359B57
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 1303
accept-ranges: bytes

GET
H2 200 google-play-badge.png
cdn.saleminteractivemedia.com/186/media/mobile-apps/ 4 KB
4 KB 11ms
11ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/186/media/mobile-apps/google-play-badge.png
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 0fd63111612f20cd4b65c93e262295a6306065f66fb2961957dcb08d5ddb1e4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
x-cf-tsc: 1702511096
x-cf3: H
content-md5: jIFHUaK4YWm3b41hRtLFbQ==
cf4ttl: 2590696.500
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: e9a0c5c4bdf3529a25b21a3865de9b63
x-ms-meta-uploadedby: Overby,Arnold
content-length: 3823
x-cf2: H
last-modified: Fri, 19 May 2023 16:26:20 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DB5885C7A2C2C7
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 1303
accept-ranges: bytes

GET
H2 200 just-ask-alexa-135x62.png
cdn.saleminteractivemedia.com/186/media/mobile-apps/ 5 KB
5 KB 26ms
26ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/186/media/mobile-apps/just-ask-alexa-135x62.png
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1951f0a1372aaa26756835bb48dd597c23ab25ed33e5f2e9f83f04431749974d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
x-cf-tsc: 1702512223
x-cf3: H
content-md5: HFee24LLQ6pojogUoTCr6Q==
cf4ttl: 2589595.000
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: bc8610691ae7d7c66aa1c9fc1ea32746
content-length: 4944
x-cf2: H
last-modified: Thu, 30 Mar 2023 19:35:20 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DB3155E5D46694
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 2405
accept-ranges: bytes

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 49ms
13ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://wava.com/
Origin: https://wava.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5046546
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga13628-LGA, cache-fra-eddf8230086-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1703501234.906667,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 31, 1939347

GET
H2 200 legacy-main.min.js Show response
cdn.saleminteractivemedia.com/shared/scripts/ 703 B
1 KB 19ms
18ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/shared/scripts/legacy-main.min.js
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 588133c793503d8e894dd83e66971a0021c12acefe6003c60e2faa40948d09b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
x-cf-tsc: 1702510043
x-cf3: H
content-md5: TScqCQvt4cZFL1uRf4U93Q==
cf4ttl: 2591749.000
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:H
x-cf-reqid: cf34328c8aee12b0e9451c1f5d4ef9c1
content-length: 703
x-cf2: H
last-modified: Tue, 21 Jun 2022 00:19:19 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DA531BAF054F76
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 250
accept-ranges: bytes

GET
H2 200 vendor.b277c96ebd0153da4e7f.js Show response
cdn.saleminteractivemedia.com/dist/static/js/ 107 KB
42 KB 15ms
14ms Script
application/x-javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/dist/static/js/vendor.b277c96ebd0153da4e7f.js
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: b5a1c8b0ac1fd44b0b494bd51cbf0d303410e4ae2d7827b1059d9013e673dc7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
x-cf-tsc: 1703091581
content-encoding: gzip
x-cf3: H
content-md5: Pv/GkQdecaOXfB0NhOUMYA==
cf4ttl: 2591791.750
x-cf1: 34174:fE.fra2:co:1703091353:cacheN.fra2-01:H
x-cf-reqid: 8f8114dbcdbdd883d0a239a7b8feba6a
x-cf2: H
last-modified: Tue, 19 Dec 2023 17:42:38 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DC00B9E4B17D9F
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 208

GET
H2 200 vendors~2018a-2018ccm-2019nt.3cbcf01b8a5be4136eb7.js Show response
cdn.saleminteractivemedia.com/dist/static/js/ 26 KB
9 KB 20ms
19ms Script
application/x-javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/dist/static/js/vendors~2018a-2018ccm-2019nt.3cbcf01b8a5be4136eb7.js
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 986841307db09386ceafe253761bb5afc8446769548317550d4e520a9028bdee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
x-cf-tsc: 1703091626
content-encoding: gzip
x-cf3: H
content-md5: 1CAEMtMsxN3hv47e3KRZAQ==
cf4ttl: 2591746.750
x-cf1: 34174:fE.fra2:co:1703091353:cacheN.fra2-01:H
x-cf-reqid: 0a2cca4d6be51b24f8312506082dd19c
x-cf2: H
last-modified: Tue, 19 Dec 2023 17:42:38 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DC00B9E4B28DD6
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 253

GET
H2 200 2018a-2018ccm-2019nt~2021nt~ccmmag2023~promotions2020~radiohost2020~surround~surround2021~tuition2020.37360019dc9030c6ae45.js Show response
cdn.saleminteractivemedia.com/dist/static/js/ 14 KB
6 KB 29ms
28ms Script
application/x-javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/dist/static/js/2018a-2018ccm-2019nt~2021nt~ccmmag2023~promotions2020~radiohost2020~surround~surround2021~tuition2020.37360019dc9030c6ae45.js
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 285b79bb40030e20d8c54cd58eb93466d0107ac1e0a7af9b6fbbc549ca51c08a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
x-cf-tsc: 1703091581
content-encoding: gzip
x-cf3: H
content-md5: MitjcAskTYZhpQr9saGbzg==
cf4ttl: 2591791.750
x-cf1: 34174:fE.fra2:co:1703091353:cacheN.fra2-01:H
x-cf-reqid: 6605f687d3b38d05bb3c5b0e714acf35
x-cf2: H
last-modified: Tue, 19 Dec 2023 17:42:37 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DC00B9E4578DF5
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 208

GET
H2 200 2018a-2018ccm-2019nt.860ae9d1d3d9479e7b01.js Show response
cdn.saleminteractivemedia.com/dist/static/js/ 162 KB
46 KB 27ms
26ms Script
application/x-javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/dist/static/js/2018a-2018ccm-2019nt.860ae9d1d3d9479e7b01.js
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 3cbacddde7300222bde23de6eccfb8f4ecbdaf23a7a8c632c18a722202d28293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
x-cf-tsc: 1703091626
content-encoding: gzip
x-cf3: H
content-md5: LsS92sz7qoTUexAwbQiQhw==
cf4ttl: 2591746.750
x-cf1: 34174:fE.fra2:co:1703091353:cacheN.fra2-01:H
x-cf-reqid: aa306adf6e94b89fa36f9176f8a44a11
x-cf2: H
last-modified: Tue, 19 Dec 2023 17:42:37 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DC00B9E45263A0
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 253

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 162ms
105ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wava.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 25 Dec 2023 10:47:13 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 107ms
106ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
44 KB 109ms
58ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N2NB3SV

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72a6e0c646aac2e2aa4a07c1df0d65192bf4698a69f0295723a20269f5f98b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44465
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Dec 2023 10:47:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 165 KB
60 KB 84ms
32ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NK2R6Z2

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

059291739739a339aeed9bd7f3df6486b8f564a1cd7a1496b46b7aac340c3865

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61506
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Dec 2023 10:47:13 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 16 KB
16 KB 65ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wava.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 06:20:57 GMT
x-content-type-options: nosniff
age: 534376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16324
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 06:20:57 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 69ms
24ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wava.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:07:43 GMT
x-content-type-options: nosniff
age: 362370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 06:07:43 GMT

GET
H2 200 icomoon.woff
cdn.saleminteractivemedia.com/content/icomoon/fonts/ 14 KB
14 KB 54ms
28ms Font
application/octet-stream 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.saleminteractivemedia.com/content/icomoon/fonts/icomoon.woff
Requested by: Host: cdn.saleminteractivemedia.com
URL: https://cdn.saleminteractivemedia.com/dist/b67e3280/site-css/2018a/wava-fm.css?hash=c7a18f9d72750f10a7a2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: e325796ceb56d0164e6607348f32959ae812b01bac478a7869975e5bfeb3eaf6

Request headers

Referer: https://cdn.saleminteractivemedia.com/dist/b67e3280/site-css/2018a/wava-fm.css?hash=c7a18f9d72750f10a7a2
Origin: https://wava.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
x-cf-tsc: 1702510043
x-cf3: H
content-md5: Bbz/laQ959ZI0hbHCw4Xlg==
cf4ttl: 2591750.250
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: e028a5b1eebc0ae5bb5ca943cf02d918
content-length: 14120
x-cf2: H
last-modified: Wed, 13 Dec 2023 19:42:06 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DBFC13968E1E9E
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 249
accept-ranges: bytes

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 94ms
19ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 25 Dec 2023 10:00:12 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: TFJGTHVAGERA9WDQ
age: 2823
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: ep3SP1VK5TGvfVatwrlHcYWlWyKRZTLahhB3MQZ8VbIFdPO62m/dDBlktbdeilwDMR4poTKfNxg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 66ms
17ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 25 Dec 2023 10:47:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: tQn3Zio3DNCKj5DynLPILpKaqlH/ErP3hiN/lSAGd3bV7RjIyMnlb9N4RaV9GCOulklHFQWhxHgWL5NCCA83yQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-VEN16DTW8J&l=dataLayer&cx=c

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77fc22a31c646a73f49be350a30b611430f556615a62cd157e14ec50e338e9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89535
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 10:47:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q8YY0N65FC&l=dataLayer&cx=c

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd36efcf78709ea7b1c63910c50f2ff8906a35f0a8fc4bda6f14bf569fed51fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93080
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 10:47:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0P2N2JLF0R&l=dataLayer&cx=c

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

752c8ef1ac11124452580f1e5c8c017341e0d1054638d10bda53e43213f547e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93054
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 10:47:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 86ms
86ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VEN16DTW8J&l=dataLayer&cx=c

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

693e536e33456961246fdd5d9488af2bcbd1900ad8f72787488ef466a60126c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89541
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 10:47:14 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 70ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q8YY0N65FC&gtm=45je3bt0v9119704214&_p=1703501233866&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=995915188.1703501234&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703501234&sct=1&seg=0&dl=https%3A%2F%2Fwava.com%2F&dt=Welcome%20to%20WAVA%20105.1%20FM%20-%20Washington%2C%20DC%20%7C%20105.1%20FM%20WAVA%20-%20Washington%20D.C.%2C%20VA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1369
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q8YY0N65FC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wava.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ 432 KB
135 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 22:47:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43207
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138203
x-xss-protection: 0
server: cafe
etag: 14959461090202361603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 23 Dec 2024 22:47:07 GMT

GET
H2 200 10036374.json Show response
s.yimg.com/wi/config/ 2 B
484 B 167ms
121ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10036374.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: G41R4F0PQFE1DC95
age: 1
content-length: 22
x-amz-id-2: h2Kfs9aK550Ffj54yGxYTseRr74YIoPBXiwy3755wWlaDy8Itv34v7NTEDD0oAUWUH0KGJopn+k=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 26ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VEN16DTW8J&gtm=45je3bt0v894581662z8833380761&_p=1703501233866&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=995915188.1703501234&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703501234&sct=1&seg=0&dl=https%3A%2F%2Fwava.com%2F&dt=Welcome%20to%20WAVA%20105.1%20FM%20-%20Washington%2C%20DC%20%7C%20105.1%20FM%20WAVA%20-%20Washington%20D.C.%2C%20VA&en=setPagePathAndQueryString&_fv=1&_ss=1&ep.pagePathAndQueryString=%2F&tfd=1468
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-VEN16DTW8J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wava.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 77ms
23ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VEN16DTW8J&cid=995915188.1703501234&gtm=45je3bt0v894581662z8833380761&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-VEN16DTW8J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wava.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 80ms
29ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEN16DTW8J&cid=995915188.1703501234&gtm=45je3bt0v894581662z8833380761&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=629621123

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 23ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VEN16DTW8J&gtm=45je3bt0v894581662&_p=1703501233866&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=995915188.1703501234&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1703501234&sct=1&seg=1&dl=https%3A%2F%2Fwava.com%2F&dt=Welcome%20to%20WAVA%20105.1%20FM%20-%20Washington%2C%20DC%20%7C%20105.1%20FM%20WAVA%20-%20Washington%20D.C.%2C%20VA&en=page_view&_ee=1&_et=2&tfd=1479
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-VEN16DTW8J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wava.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 265ms
264ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0P2N2JLF0R&gtm=45je3bt0v9169279357&_p=1703501233866&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=995915188.1703501234&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703501234&sct=1&seg=0&dl=https%3A%2F%2Fwava.com%2F&dt=Welcome%20to%20WAVA%20105.1%20FM%20-%20Washington%2C%20DC%20%7C%20105.1%20FM%20WAVA%20-%20Washington%20D.C.%2C%20VA&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1500
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0P2N2JLF0R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wava.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 46ms
23ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0P2N2JLF0R&cid=995915188.1703501234&gtm=45je3bt0v9169279357&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0P2N2JLF0R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wava.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 52ms
30ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0P2N2JLF0R&cid=995915188.1703501234&gtm=45je3bt0v9169279357&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1215427238

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 390961805259193 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 82ms
82ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/390961805259193?v=2.9.138&r=stable&domain=wava.com

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f46f34e55177a47695917bac03083369faba890b9aac00ff75d89ed5e8855b9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 25 Dec 2023 10:47:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8phhWNDVbApy7LLlmpQa0QFleQWU2WM0+of89m+SWKEr8FjudymOq/U+av5HR7kVHqOtz/V0e4MBsqOiXVEskA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 60ms
14ms Script
text/javascript 2600:9000:2250:8400:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8400:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Mon, 25 Dec 2023 07:24:47 GMT
Via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 12148
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: Dtk9RGQPANcvqa8JwLejphrZVue22iWLaOBVymAFA9dSbgyPmbhZEA==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
34 KB 316ms
33ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: 66DQ5AATCXY2WP34
age: 1692
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 83b0813bb91a65c0-FRA
x-amz-id-2: LgyxPuSgdxWm6QeOo8F40RM1LPQ0PkSTUloHvLTYaQx9cx5uIuXfY2sziuJLgz0pYNCrYPDiUPu4vtwsqXIolA==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 77ms
23ms Script
text/javascript 18.165.183.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-10.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 04:16:06 GMT
content-encoding: gzip
via: 1.1 6678c1810851ff197cbe3fe4c41e86a6.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 23469
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: d0LBXey8VO4KVxdU3N1XeXF_VIJWrTJaKsTpvyC_YyxaLQejKcIdrA==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 95ms
33ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: f6cafd01f49f66cecc37ce1a50bb04e7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 23ms
23ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32444
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230131-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12R7POR3kpRRlCo5Yq3WFCdpnSGmGvpUy19gmLEOZjQ8JpCKjdxApLPsBvbMfq029FY5KJcC1Fz7jpTkJskiRM0suvgvRwmCB0lL8LCctBqxGVjOoF6dyg3ubQt9Zw8QUhrfe2ROTpExfk2Crds%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83b08139fcfc994a-FRA

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 81ms
19ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 21:28:00 GMT
content-encoding: gzip
age: 911954
x-guploader-uploadid: ABPtcPpehaFazAn7UB_wmlP2qgMzPm7UNCOYkGiU1K6rMTCKlvgmx4iaZbWy6ZKK2Tboy_TPA8A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 13 Dec 2024 21:28:00 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 68ms
31ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 19:21:40 GMT
server: cloudflare
age: 398512
etag: W/"65833ec4-2d18"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 83b0813a3aa8bb71-FRA
expires: Thu, 28 Dec 2023 10:47:14 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 72ms
35ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Dec 2023 10:47:14 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 503 KB
94 KB 1031ms
1030ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=135673100263179&correlator=4157345858811930&eid=31080120%2C31080057%2C21065725&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&iu_parts=6177%2Cslm.wavafm%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C1200x150%7C970x90%7C728x90%2C1x1%2C1200x150%7C970x250%7C970x90%7C728x90%2C728x90%7C450x75%7C320x50%2C300x300%7C300x250%2C300x600%7C150x300%7C160x600%2C300x300%7C300x250%2C1200x150%7C970x250%7C970x90%7C728x90&ifi=1&didk=2898365840~3464720119~2898365842~3464720117~3464720116~3464720115~3464720114~3464720113~3464720112&sfv=1-0-40&ists=320&sc=1&cookie_enabled=1&abxe=1&dt=1703501234256&lmt=1703501234&adxs=200%2C200%2C200%2C200%2C276%2C1100%2C1100%2C1100%2C200&adys=86%2C86%2C106%2C126%2C210%2C636%2C636%2C656%2C764&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwava.com%2F&vis=1&psz=1200x0%7C1200x0%7C1200x0%7C1200x0%7C880x0%7C300x-1%7C300x-1%7C300x-1%7C1200x0&msz=1200x0%7C1200x0%7C1200x0%7C1200x0%7C880x0%7C300x-1%7C300x-1%7C300x-1%7C1200x0&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=995915188.1703501234&ga_sid=1703501234&ga_hid=1499278301&ga_fc=true&dlt=1703501233729&idt=469&prev_scp=pos%3Dpromo%26traffic-percent%3D14%7Cpos%3Dskyline%26traffic-percent%3D14%7Cpos%3Dtakeover%26traffic-percent%3D14%7Cpos%3Dtopfeature%26traffic-percent%3D14%7Cpos%3Dmiddlefeature%26traffic-percent%3D14%7Cpos%3Dtopbox%26traffic-percent%3D14%7Cpos%3Dmiddlebox%26traffic-percent%3D14%7Cpos%3Dbottombox%26traffic-percent%3D14%7Cpos%3Dfooter%26traffic-percent%3D14&cust_params=siteID%3D156&adks=2412377342%2C813501648%2C2412377340%2C3244659155%2C135613486%2C64054557%2C1969582283%2C64054547%2C3244659160&frm=20

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9317301f8c7e782d789dc2c5c7eeef2242be13598448eea1e839180ced922a5d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4801678927716155392/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4801678927716155392/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPXoyc-0qoMDFf3JuwgdaKUIkQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/4801678927716155392/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4801678927716155392/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4801678927716155392/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPXoyc-0qoMDFf3JuwgdaKUIkQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/4801678927716155392/index.html
date: Mon, 25 Dec 2023 10:47:15 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96521
x-xss-protection: 0
google-lineitem-id: 6438625395,6036785643,6440895073,-1,6429851966,6389560967,-1,6422350519,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138458758031,138394383146,138458618406,-1,138457501001,138456318708,-1,138456976909,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://wava.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 835F 6 KB
3 KB 546ms
469ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wava.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 10:47:14 GMT
expires: Tue, 24 Dec 2024 10:47:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 120ms
36ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2025%20Dec%202023%2010%3A47%3A14%20GMT&n=-1&b=Welcome%20to%20WAVA%20105.1%20FM%20-%20Washington%2C%20DC%20%7C%20105.1%20FM%20WAVA%20-%20Washington%20D.C.%2C%20VA&.yp=10036374&f=https%3A%2F%2Fwava.com%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 25 Dec 2023 10:47:14 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 59ms
13ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=390961805259193&ev=PageView&dl=https%3A%2F%2Fwava.com%2F&rl=&if=false&ts=1703501234283&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1703501234282.1860292367&cs_est=true&ler=empty&it=1703501234184&coo=false&rqm=GET

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 25 Dec 2023 10:47:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 294A 14 KB
6 KB 63ms
21ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=wava.com

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wava.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 10:47:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 399680
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
329 B 222ms
39ms XHR
application/json 54.216.91.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.91.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-91-216.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0a1eef0b52b81a2860caca1710158372941d85f14b6db557b99da6d8cdec1f51

Request headers

Referer: https://wava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:14 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://wava.com
cache-control: no-cache
x-server: 10.45.4.35
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwava.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwava.com%2F&rid=esp&cc=1

85 B
194 B

138ms
137ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwava.com%2F&rid=esp&cc=1
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 212fdfad718a69574e512f9f185792de8d7cc2725f259092a4cfe2306c7515ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-HMgLvfmpAGM18lHz+GErYY2FdR4"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wava.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 25 Dec 2023 10:47:14 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://wava.com
location: /esp?url=https%3A%2F%2Fwava.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 294A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=wava.com&sn=ChromeSyncframe&so=0&topUrl=wava.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=IW8sOXx3cjlXeTdPaXlSQlR3cWJ4ZGtnejFxaXVKeXJtbWQzY2tkZDhrTUFmRXJBWWRxbGpkOWcyY3JJazl3UnNEdGJPOElNczk1NStrcTY5ZHJadlY1TForaDArL2F2L1hwVmV4UDRRZ1dKcWFOYmpHTVVYNEtQY1RUMG...

431 B
652 B

19ms
19ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=IW8sOXx3cjlXeTdPaXlSQlR3cWJ4ZGtnejFxaXVKeXJtbWQzY2tkZDhrTUFmRXJBWWRxbGpkOWcyY3JJazl3UnNEdGJPOElNczk1NStrcTY5ZHJadlY1TForaDArL2F2L1hwVmV4UDRRZ1dKcWFOYmpHTVVYNEtQY1RUMGlzNElsQm5EbWc1YTBHWGNpU1BZY3pKcXgrL2M0K1ltYVhDQURTV0R0WlVVZVlnV1BnaG9OSXRqWDZOeGVhVGRtTVpyVzBIR2VnZ1FpNzRSdnpvRDYvUDRjeDE4REN4UTlJTHY1MUlDTlV3WDNNMTdldGRzNTJNREU0TklReGx1d2t3akNVa3JVRmQ5bi9yOHZ4cUhlT2k5aDBDQXN6dz09fA&cppv=2

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4b362acd68b679ff4523e6a9e5c081f4c41d385704d0e2fe048665c2017d0511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1129310
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=IW8sOXx3cjlXeTdPaXlSQlR3cWJ4ZGtnejFxaXVKeXJtbWQzY2tkZDhrTUFmRXJBWWRxbGpkOWcyY3JJazl3UnNEdGJPOElNczk1NStrcTY5ZHJadlY1TForaDArL2F2L1hwVmV4UDRRZ1dKcWFOYmpHTVVYNEtQY1RUMGlzNElsQm5EbWc1YTBHWGNpU1BZY3pKcXgrL2M0K1ltYVhDQURTV0R0WlVVZVlnV1BnaG9OSXRqWDZOeGVhVGRtTVpyVzBIR2VnZ1FpNzRSdnpvRDYvUDRjeDE4REN4UTlJTHY1MUlDTlV3WDNNMTdldGRzNTJNREU0TklReGx1d2t3akNVa3JVRmQ5bi9yOHZ4cUhlT2k5aDBDQXN6dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 334355
content-length: 0
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
224 B 59ms
13ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://wava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://wava.com
date: Mon, 25 Dec 2023 10:47:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 13ms
13ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

12bdc5d4cadcdb794b13b4cd1cfb46b2bebdd9b7555696affe453ef4031a8eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Dec 2023 10:47:14 GMT
content-md5: 9emAPKewmUEeWpgl68U4fQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
reporting-endpoints
x-fb-debug: Mc1vpes9pwZ7VVyzcrhsKvbBA4pPgJBpOKQJYLH4kwHjW+VJr/7mDjP9BU5EZdgCFnN1bmSMlCo2gCUNQVVe/Q==
x-fb-content-md5: a252546c030e3dd3ac15643d6e15f6c7
cross-origin-opener-policy: same-origin-allow-popups
etag: "b845e8d6f9bcf7029a14df3416283c63"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 25 Dec 2023 11:03:59 GMT

POST
H2 200 getprogramguideinfo Show response
wava.com/ 882 B
669 B 126ms
123ms XHR
application/json 2606:4700:20::681a:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wava.com/getprogramguideinfo

Requested by

Host: cdn.saleminteractivemedia.com
URL: https://cdn.saleminteractivemedia.com/dist/static/js/vendor.b277c96ebd0153da4e7f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a55286fcc878a71dd2b44f549a39a97332aff7bfd8a8e77f1e2ef7219aeb7faf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://wava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
arr-disable-session-affinity: true
request-context: appId=cid-v1:82653370-b0cd-4f4c-8872-b0311da976c6
referrer-policy: no-referrer-when-downgrade
x-aspnetmvc-version: 5.2
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8G8ENveZg%2Bbdus8ZpwXR%2Buih949B%2Bsu%2BK2sZH2Zz7ZnJ1AjBkSk8gMsdnTABXgfASK4uw4l4sM1k8MdAFBLa5cxikzXdIQM8tqGxQYd6sDlq3xus8%2BaTMrDiguxEhWsTj5fMM9kI"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Request-Context
cache-control: private
permissions-policy: autoplay=(self)
cf-ray: 83b0813cdf3265c1-FRA

GET
H2 200 christmas-logo.png
cdn.saleminteractivemedia.com/156/media/site-assets/ 132 KB
132 KB 16ms
13ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/156/media/site-assets/christmas-logo.png
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: afdba2bdc2847d665dff96aab3323dc18c94c61e0c2b4bf67d10d670af44c30c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1703501235
x-cf3: H
content-md5: d9ROnI1kQpd9BqPtyeoSug==
cf4ttl: 2346956.250
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 686888778348c48da255b6ae36a82384
x-ms-meta-uploadedby: Chaffee,Dan
content-length: 134715
x-cf2: M
last-modified: Thu, 19 Nov 2020 01:44:41 GMT
server: CFS 0215
x-cff: B
etag: W/0x8D88C2CAF0CCCD5
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 245043
accept-ranges: bytes

GET
H2 200 play-button.png
cdn.saleminteractivemedia.com/shared/images/ 2 KB
2 KB 14ms
11ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/shared/images/play-button.png
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 27b65ea8c6cceebb6e32225e0dacd973a6358953d5c3b55841a685eb0a12d055

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702512794
x-cf3: H
content-md5: iK52X5B86FHk7qX9XxbesA==
cf4ttl: 2588999.500
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 95551baf6b9f73f89927efa98266cb4a
content-length: 1851
x-cf2: H
last-modified: Fri, 26 Oct 2018 17:40:26 GMT
server: CFS 0215
x-cff: B
etag: W/0x8D63B6A1D42BC9E
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 3000
accept-ranges: bytes

GET
H2 200 img-6996.jpg
cdn.saleminteractivemedia.com/156/content/283107/ 116 KB
117 KB 45ms
43ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/156/content/283107/img-6996.jpg
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 9cca86ed04972c1c733afb4d2fef5bb212b864b9a3b3b14dcd32d215b72fb2b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1703501235
x-cf3: H
content-md5: Lhx0bxWrTAoWH3PvUb2ykA==
cf4ttl: 2501038.750
x-cf1: 34174:fE.fra2:co:1702942120:cacheN.fra2-01:M
x-cf-reqid: 7ccc6172a66e9009b3b6010c587f6d9f
x-ms-meta-uploadedby: Sapryga,Reema
content-length: 118585
x-cf2: M
last-modified: Mon, 18 Dec 2023 23:28:39 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DC002110E403A7
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 90961
accept-ranges: bytes

GET
H2 200 fotf-fye2023-match-save-babies-880x440.jpg
cdn.saleminteractivemedia.com/114/content/282701/ 49 KB
50 KB 15ms
12ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/114/content/282701/fotf-fye2023-match-save-babies-880x440.jpg
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: a22ce1e08fd2ba8b47f0e4db8dd62b98526d37e96bcf558061b112ab0fd3b5b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702982893
x-cf3: H
content-md5: GQIlT1dNBRTwZ91q0Z9k7Q==
cf4ttl: 2515374.500
x-cf1: 34174:fE.fra2:co:1702906183:cacheN.fra2-01:M
x-cf-reqid: 9984c1e53befae4e943cd1995e458978
x-ms-meta-uploadedby: Chaffee,Dan
content-length: 50088
x-cf2: H
last-modified: Mon, 18 Dec 2023 13:29:43 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DBFFCD65029F96
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 76625
accept-ranges: bytes

GET
H2 200 880x440-hero-image.jpg
cdn.saleminteractivemedia.com/187/content/283506/ 66 KB
66 KB 45ms
42ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/187/content/283506/880x440-hero-image.jpg
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 4f3a3342e8fce37ddb44ab05612a06bf69d7dc95385f81eb37ab44af6c234124

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702543637
x-cf3: H
content-md5: ngFp+Js8bMveh/PvpGXwMQ==
cf4ttl: 2559041.750
x-cf1: 34174:fE.fra2:co:1702314208:cacheN.fra2-01:M
x-cf-reqid: 657729eb15169d75b9636e2ffb33b192
x-ms-meta-uploadedby: Bowen,John
content-length: 67370
x-cf2: H
last-modified: Mon, 11 Dec 2023 17:03:27 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DBFA6B184659D9
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 32958
accept-ranges: bytes

GET
H2 200 wisemen-1000x500.jpg
cdn.saleminteractivemedia.com/186/content/282791/ 76 KB
76 KB 41ms
39ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/186/content/282791/wisemen-1000x500.jpg
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 0860756e4fc47130fc93aa7edca1801f10b8c916b191f71161502971088401e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1703501235
x-cf3: H
content-md5: 7q/8rFJUCflW3Bs5SjAspw==
cf4ttl: 1601444.000
x-cf1: 34174:fE.fra2:co:1700667016:cacheN.fra2-01:M
x-cf-reqid: 6955912cd19c8079665d5ed8cf49f166
x-ms-meta-uploadedby: Bowen,John
content-length: 77430
x-cf2: M
last-modified: Wed, 22 Nov 2023 15:30:15 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DBEB6FED5C3F53
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 990556
accept-ranges: bytes

GET
H2 200 lauren-daigle-hero-880x440.jpg
cdn.saleminteractivemedia.com/187/content/283755/ 68 KB
68 KB 18ms
16ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/187/content/283755/lauren-daigle-hero-880x440.jpg
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 6afc5d99e5c7d366e9734f175abbd5c000889b4faf9abc504832b3d6c242c36c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1703501235
x-cf3: H
content-md5: OPLZAh3v6jG36X529q3lfA==
cf4ttl: 2015318.250
x-cf1: 34174:fE.fra2:co:1702923112:cacheN.fra2-01:M
x-cf-reqid: f7839138cb9788927f74da115415f178
x-ms-meta-uploadedby: Bowen,John
content-length: 69200
x-cf2: M
last-modified: Mon, 18 Dec 2023 18:11:51 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DBFFF4CF63251D
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 576681
accept-ranges: bytes

GET
H2 200 640x480.webp
i.swncdn.com/cdn/400w/zcast/oneplace/host-images/thru-the-bible-with-j-vernon-mcgee/ 7 KB
7 KB 94ms
28ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/cdn/400w/zcast/oneplace/host-images/thru-the-bible-with-j-vernon-mcgee/640x480.webp
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: d96f6763a577fd83207f571f346b5604dceadfacf55f925e1146f71b8e9fff7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702512231
x-cf3: H
cf4ttl: 2347170.000
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 393ffa328f462148bd7f71d4822d92b5
content-length: 7086
x-cf2: H
server: CFS 0215
x-cff: B
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000, public
cf4age: 244829
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 640x480.webp
i.swncdn.com/cdn/400w/zcast/oneplace/host-images/a-new-beginning/ 7 KB
8 KB 93ms
27ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/cdn/400w/zcast/oneplace/host-images/a-new-beginning/640x480.webp?v=211203-263
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 5d331bdb003525f9cbfba474558634f22082fd5b6c6f266aa09763f4027a1da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702512231
x-cf3: H
cf4ttl: 2576965.000
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 99a67d387470b998ffc6fbb1429e9c93
content-length: 7452
x-cf2: H
server: CFS 0215
x-cff: B
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000, public
cf4age: 15034
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 640x480.webp
i.swncdn.com/cdn/400w/zcast/oneplace/host-images/insight-for-living/ 6 KB
6 KB 92ms
26ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/cdn/400w/zcast/oneplace/host-images/insight-for-living/640x480.webp?v=190710-030
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 8aa3d35746ef3e1eb3030a3c31506846fb2ed31b84f581bfdac36d539a4d3fbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702543644
x-cf2: H
x-cf3: H
server: CFS 0215
cf4ttl: 1593624.375
x-cff: B
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
content-type: image/webp
cache-control: max-age=2592000, public
x-cf-reqid: 012b039a4b4a677eec4c982db3bdc8e5
cf4age: 998375
accept-ranges: bytes
content-length: 6180

GET
H2 200 640x480.webp
i.swncdn.com/cdn/400w/zcast/oneplace/host-images/focus-on-the-family/ 21 KB
22 KB 79ms
13ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/cdn/400w/zcast/oneplace/host-images/focus-on-the-family/640x480.webp?v=171004-790
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 3363244739b541208e3a660d913296de1cc4092818cc758bc4e180c8ae66fc44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702535848
x-cf3: H
cf4ttl: 2239065.500
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: c55bfa780a6a57995ad85c49e32a2ac4
content-length: 21750
x-cf2: H
server: CFS 0215
x-cff: B
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000, public
cf4age: 352934
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 640x480.webp
i.swncdn.com/cdn/400w/zcast/oneplace/host-images/familylife-today/ 9 KB
9 KB 80ms
13ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/cdn/400w/zcast/oneplace/host-images/familylife-today/640x480.webp?v=210531-687
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c1482a9f75ba2e56f74e6084fe1e9ebfcb5c9054f7ab533c1973d45049f1c258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702550202
x-cf3: H
cf4ttl: 2333108.250
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: ba408a9714ffffc0479cd5c28c88aa3c
content-length: 9038
x-cf2: H
server: CFS 0215
x-cff: B
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000, public
cf4age: 258891
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 640x480.webp
i.swncdn.com/cdn/400w/zcast/oneplace/host-images/truth-for-life/ 15 KB
15 KB 84ms
18ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/cdn/400w/zcast/oneplace/host-images/truth-for-life/640x480.webp
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: b7e9855abffcf911c5d45ecac366d14f2f62ffe22255f61c5098edd48e49425a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702490735
x-cf3: H
cf4ttl: 2403394.750
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 8f7321d3a46add24c79b837c435c3449
content-length: 15020
x-cf2: H
server: CFS 0215
x-cff: B
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000, public
cf4age: 188605
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 640x480.webp
i.swncdn.com/cdn/400w/zcast/oneplace/host-images/in-touch/ 4 KB
5 KB 16ms
14ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/cdn/400w/zcast/oneplace/host-images/in-touch/640x480.webp?v=210423-187
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 752e96d467e756ecd88ce70bca90083a57c786382d415ca2d31dbc65b90c846e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702550213
x-cf2: H
x-cf3: H
server: CFS 0215
cf4ttl: 1589918.375
x-cff: B
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
content-type: image/webp
cache-control: max-age=2592000, public
x-cf-reqid: a2654b8fe3975fff27b344df0f40fa8b
cf4age: 1002081
accept-ranges: bytes
content-length: 4404

GET
H2 200 640x480.webp
i.swncdn.com/cdn/400w/zcast/oneplace/host-images/grace-to-you/ 8 KB
9 KB 15ms
13ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/cdn/400w/zcast/oneplace/host-images/grace-to-you/640x480.webp
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: d56dd83d0ad1d21a8e1c1f5c82ac1ebe16073a13c87dbfe38784140ef0daf4fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702550222
x-cf2: H
x-cf3: H
server: CFS 0215
cf4ttl: 1595120.250
x-cff: B
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
content-type: image/webp
cache-control: max-age=2592000, public
x-cf-reqid: 06d1863b07447f467025801f0e54c68a
cf4age: 996879
accept-ranges: bytes
content-length: 8640

GET
H2 200 640x480.webp
i.swncdn.com/cdn/400w/zcast/oneplace/host-images/powerpoint/ 7 KB
7 KB 18ms
17ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/cdn/400w/zcast/oneplace/host-images/powerpoint/640x480.webp?v=230907-733
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: dcda158b52439c44392cb6bd82bae4eda6d9b32174c00effa046405d25f9deab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702535848
x-cf3: H
cf4ttl: 2592000.000
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: c4695308c4f795faac02cc13e700ac28
content-length: 7088
x-cf2: H
server: CFS 0215
x-cff: B
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000, public
cf4age: 0
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 640x480.webp
i.swncdn.com/cdn/400w/zcast/oneplace/host-images/turning-point/ 5 KB
5 KB 20ms
18ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/cdn/400w/zcast/oneplace/host-images/turning-point/640x480.webp
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c08d70384a42fc7c88957773a0a5b2d2a9b50ae3a7e3955838c613653f558a4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702535848
x-cf2: H
x-cf3: H
server: CFS 0215
cf4ttl: 1601420.250
x-cff: B
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
content-type: image/webp
cache-control: max-age=2592000, public
x-cf-reqid: f519a0be67d0f53e869d2340a9847586
cf4age: 990579
accept-ranges: bytes
content-length: 5066

GET
H2 200 30076-unsplashpriscilladupreez-2_source_file.webp
i.swncdn.com/media/400w/via/images/2023/03/30/30076/ 5 KB
6 KB 80ms
16ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/media/400w/via/images/2023/03/30/30076/30076-unsplashpriscilladupreez-2_source_file.webp
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 512981cf5cec215c8ce551bacc20c1138991a6c2fedb05337d184a5aeaf707a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1703291901
x-cf3: H
cf4ttl: 2579941.000
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: c67496620661420efe8a0725f1647003
content-length: 5490
x-cf2: H
server: CFS 0215
x-cff: B
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000, public
cf4age: 12059
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 34050-gettyimages-1413266031-yanatikhonova_source_file.jpeg
i.swncdn.com/media/400w/via/images/2023/12/22/34050/ 30 KB
30 KB 78ms
14ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/media/400w/via/images/2023/12/22/34050/34050-gettyimages-1413266031-yanatikhonova_source_file.jpeg
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: f8d27a2c90705530c94c11f296470700abb6dd12d1ec4a020e63aa6c239afe1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1703291254
x-cf3: H
cf4ttl: 2583673.250
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: b0562347d6ec61d95c24c4f1300fabd1
content-length: 30372
x-cf2: H
server: CFS 0215
x-cff: B
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000, public
cf4age: 8326
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 10415-gettyimagescarmenmurillo.webp
i.swncdn.com/media/400w/via/ 8 KB
8 KB 88ms
23ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/media/400w/via/10415-gettyimagescarmenmurillo.webp
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: bc6e6513396b5fd53b33e31d77ff032f616870ecb930e41768f9dc0c8684e2a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1703171857
x-cf3: H
cf4ttl: 2589521.750
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 1aecf1aef6ba895e4cca54c7879930d6
content-length: 8118
x-cf2: H
server: CFS 0215
x-cff: B
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000, public
cf4age: 2478
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 30533-gettyimages-1144130467_source_file.webp
i.swncdn.com/media/400w/via/images/2023/05/03/30533/ 6 KB
7 KB 79ms
15ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/media/400w/via/images/2023/05/03/30533/30533-gettyimages-1144130467_source_file.webp
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: a599549523e1d68efff4617e197beb56aff53b3ca7576690e34d3a90d23c278f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702545375
x-cf3: H
cf4ttl: 2554535.250
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 7962581d5413ebd65f7454569264003c
content-length: 6350
x-cf2: H
server: CFS 0215
x-cff: B
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000, public
cf4age: 37464
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 23606-a-person-journaling-lilartsy-unsplash.webp
i.swncdn.com/media/400w/via/ 6 KB
6 KB 13ms
11ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/media/400w/via/23606-a-person-journaling-lilartsy-unsplash.webp
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 9d86d539082126ed1bac1cf976cae08f05469707a250b89665baf97b2a6508df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702489302
x-cf2: H
x-cf3: H
server: CFS 0215
cf4ttl: 2522623.500
x-cff: B
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
content-type: image/webp
cache-control: max-age=2592000, public
x-cf-reqid: f67c5369ab590dd6b27bfad2c4718e1c
cf4age: 69376
accept-ranges: bytes
content-length: 5832

GET
H2 200 7367-top-of-womans-head-with-question-marks-above.webp
i.swncdn.com/media/400w/via/ 5 KB
6 KB 16ms
14ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/media/400w/via/7367-top-of-womans-head-with-question-marks-above.webp
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: ebf3f5cd95bfb55a38133898af32e78e9a34feed8484a795249d9c69f247eb8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1703044287
x-cf3: H
cf4ttl: 2592000.000
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 9927d95ea185ee5918fd6cee8e87f561
content-length: 5360
x-cf2: H
server: CFS 0215
x-cff: B
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000, public
cf4age: 0
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 needprayer300.jpg
cdn.saleminteractivemedia.com/183/content/153317/ 9 KB
9 KB 14ms
12ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/183/content/153317/needprayer300.jpg
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 38e9596b7eeeb5ff555a25041cc5c87042ac435ad533b95dfa49e27fe4c4bbfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702512231
x-cf3: H
content-md5: v4XUwLBkoDVMzWq5XXv+Xw==
cf4ttl: 2589588.250
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 5b097276cfb80229382d94dfde0694c9
content-length: 9118
x-cf2: H
last-modified: Thu, 17 Sep 2020 02:24:00 GMT
server: CFS 0215
x-cff: B
etag: W/0x8D85AB0BCD2D98F
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 2411
accept-ranges: bytes

GET
H2 200 template3_logo.png
cdn.saleminteractivemedia.com/shared/images/logos/156/ 22 KB
22 KB 52ms
50ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/shared/images/logos/156/template3_logo.png
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 721d7cffc9278133fb51e6d9f6e88c803770a2ec1250e45fb92ef51fdc3b19d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702542497
x-cf3: H
content-md5: lmn9e5a/SgH1osjQSkWNgw==
cf4ttl: 2589859.750
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: ab4b89d2b46fa7af1aa8b8f4221ec6e5
x-ms-meta-uploadedby: Chaffee,Dan
content-length: 22166
x-cf2: H
last-modified: Thu, 08 Sep 2022 19:29:31 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DA91D073E7D7D5
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 2140
accept-ranges: bytes

GET
H2 200 IMG_2886.jpg
heysaltylady.com/wp-content/uploads/2023/06/ 77 KB
78 KB 774ms
389ms Image
image/jpeg 68.183.113.21
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heysaltylady.com/wp-content/uploads/2023/06/IMG_2886.jpg
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.183.113.21 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 471495.cloudwaysapps.com
Software: nginx /
Resource Hash: 09327fad8fb84516dec403165351b9af1b86b7d01a083678afdec34d33875d58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
last-modified: Tue, 06 Jun 2023 11:14:32 GMT
server: nginx
etag: "647f1518-1358e"
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 79246

GET
H2 200 IMG-4106-e1695126631801.jpg
heysaltylady.com/wp-content/uploads/2023/09/ 358 KB
359 KB 481ms
96ms Image
image/jpeg 68.183.113.21
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heysaltylady.com/wp-content/uploads/2023/09/IMG-4106-e1695126631801.jpg
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.183.113.21 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 471495.cloudwaysapps.com
Software: nginx /
Resource Hash: 0e1b1f3aebcd5d6ab7f88b41fb904afffc8751bdb841e5bc850760834782407a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
last-modified: Tue, 19 Sep 2023 12:30:31 GMT
server: nginx
etag: "65099467-5983a"
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 366650

GET
H2 200 erik-note-880-by-440-american-dream.png
cdn.saleminteractivemedia.com/186/content/283768/ 642 KB
643 KB 49ms
49ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/186/content/283768/erik-note-880-by-440-american-dream.png
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 4786da47dbeb4d4225a727e2fef3542b5cd3c6e0f68ceb40e2e64f122ab20618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702989848
x-cf3: H
content-md5: Cz4yKbowdOBr0wm+5YR27A==
cf4ttl: 2592000.000
x-cf1: 34174:fE.fra2:co:1702936301:cacheN.fra2-01:M
x-cf-reqid: 2da19edc1d6afa3fa25e38e1abaace1f
x-ms-meta-uploadedby: Zumwalt,Jason
content-length: 657102
x-cf2: H
last-modified: Mon, 18 Dec 2023 21:51:40 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DC0013844E33EA
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2 200 articles-880-by-440-great-barrier-reef.jpg
cdn.saleminteractivemedia.com/186/content/283769/ 81 KB
82 KB 47ms
46ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/186/content/283769/articles-880-by-440-great-barrier-reef.jpg
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: f83145ac5681047a7b35251a24baea48a70183e8771e6156308d1c2447bb4284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702992512
x-cf3: H
content-md5: Q3lts41krG6UTL5ZjfaCXg==
cf4ttl: 2590892.500
x-cf1: 34174:fE.fra2:co:1702936686:cacheN.fra2-01:M
x-cf-reqid: 310f1a0e98af93a83afc70bd88b54afd
x-ms-meta-uploadedby: Zumwalt,Jason
content-length: 83201
x-cf2: H
last-modified: Mon, 18 Dec 2023 21:58:05 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DC00146A03C72F
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 1107
accept-ranges: bytes

GET
H2 200 id Show response
dpm.demdex.net/ 3 KB
2 KB 208ms
39ms XHR
application/json 54.77.143.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=43AD1E57612418B90A495E63%40AdobeOrg&d_nsid=0&ts=1703501234695

Requested by

Host: cdn.saleminteractivemedia.com
URL: https://cdn.saleminteractivemedia.com/shared/scripts/visitorapi.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

05e5a37cca6a31066fd8805c238c64e49fa056f0a5d7f9e19aff5c70b35f3394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-1-v054-072f93fba.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 25 Dec 2023 10:47:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: lME8vPaRQu0=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://wava.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 1064
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 pastor-gary-hamrick400x300.jpg
cdn.saleminteractivemedia.com/156/host/ 22 KB
23 KB 40ms
40ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/156/host/pastor-gary-hamrick400x300.jpg
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 0193a740f168befc2f489b960df677ce7d24defb63eade6a5354d92d2f990ec6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702662216
x-cf3: H
content-md5: Z00W+X8wkpchF22Q8du46w==
cf4ttl: 2592000.000
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: a83b08aeeafcb6c6121f3530abd9f044
content-length: 22933
x-cf2: H
last-modified: Wed, 16 Sep 2020 19:55:55 GMT
server: CFS 0215
x-cff: B
etag: W/0x8D85A7A864D84AA
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 34ms
17ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b4c5ada9ffe0a2b57caf94b7b76648af

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f5651c35759d1f04456526e28c5768d622966c565eb311c7d9a207715ee9ec44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wava.com/
Origin: https://wava.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Dec 2023 10:47:14 GMT
content-md5: x7ExPuVLOc0QVr+FS5o+eQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88318
reporting-endpoints
x-fb-debug: Q7RbD/NTntNGbFLc0pbUjrnrO6PwOUL+j4dHFEDQbeZ4BtB+aySMGee3oe27oAtFZrOx7JAaCEwfqg920ohFuw==
x-fb-content-md5: c2ab680a05738e3b64a211203674d8e3
cross-origin-opener-policy: same-origin-allow-popups
etag: "d9e5c18cc9ed6f9265de098280b583c0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 24 Dec 2024 09:41:15 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame B23C 199 B
298 B 96ms
24ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://wava.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Mon, 25 Dec 2023 10:47:14 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 640x480.webp
i.swncdn.com/cdn/200w/zcast/oneplace/host-images/thru-the-bible-with-j-vernon-mcgee/ 3 KB
3 KB 12ms
12ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/cdn/200w/zcast/oneplace/host-images/thru-the-bible-with-j-vernon-mcgee/640x480.webp
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 48b19a51afdcbc8fb8e131cb3e187e9e32db78bebae13561db1cd0c9b197a628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702547833
x-cf2: H
x-cf3: H
server: CFS 0215
cf4ttl: 1641035.625
x-cff: B
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
content-type: image/webp
cache-control: max-age=2592000, public
x-cf-reqid: 4f1257ba4b116b02fb83dfc50dafb309
cf4age: 950964
accept-ranges: bytes
content-length: 2804

GET
H2 200 640x480.webp
i.swncdn.com/cdn/200w/zcast/oneplace/host-images/a-new-beginning/ 3 KB
3 KB 13ms
13ms Image
image/webp 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.swncdn.com/cdn/200w/zcast/oneplace/host-images/a-new-beginning/640x480.webp?v=211203-263
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: a9c4b0e01dafee14e20818adbd6ea59f6c0e547f804ca56109b1b16e946ca781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:14 GMT
x-cf-tsc: 1702566546
x-cf2: H
x-cf3: H
server: CFS 0215
cf4ttl: 1612391.125
x-cff: B
x-cf1: 34158:fF.fra2:co:nots:cacheN.fra2-01:M
content-type: image/webp
cache-control: max-age=2592000, public
x-cf-reqid: 5ff994c2dee52d162137e3d157d83394
cf4age: 979608
accept-ranges: bytes
content-length: 3044

GET
H2 200 dest5.html Show response
katzmedia.demdex.net/ Frame F1EC 7 KB
3 KB 63ms
37ms Document
text/html 54.77.143.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://katzmedia.demdex.net/dest5.html?d_nsid=0

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wava.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 25 Dec 2023 10:47:14 GMT
dcs: dcs-prod-irl1-2-v054-0422bf190.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 17 Nov 2023 11:52:56 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: JGNNIM+STlU=

GET
H2

200

ibs:dpid=411&dpuuid=ZYldswAAANE33wOV
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=62989169264508439662293047501763076553
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYldswAAANE33wOV

42 B
717 B

39ms
39ms

Image
image/gif

54.77.143.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYldswAAANE33wOV

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Server

54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0ceeb53b5.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Mon, 25 Dec 2023 10:47:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: iCdZhLtnS6w=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYldswAAANE33wOV
Date: Mon, 25 Dec 2023 10:47:15 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2

200

ibs:dpid=269&dpuuid=0bbc6589-5db3-4d00-9f68-a46a42649d60&ddsuuid=62989169264508439662293047501763076553
dpm.demdex.net/ Frame F1EC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=62989169264508439662293047501763076553&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d62989169264508...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=0bbc6589-5db3-4d00-9f68-a46a42649d60&ddsuuid=62989169264508439662293047501763076553

42 B
717 B

42ms
41ms

Image
image/gif

54.77.143.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=0bbc6589-5db3-4d00-9f68-a46a42649d60&ddsuuid=62989169264508439662293047501763076553

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Server

54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://katzmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0a5c0cf66.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Mon, 25 Dec 2023 10:47:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: vpipk5OjQB4=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Mon, 25 Dec 2023 10:47:15 GMT
Server: MT3 1237 600843f master iad iad-pixel-x25 config_version:"146"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=0bbc6589-5db3-4d00-9f68-a46a42649d60&ddsuuid=62989169264508439662293047501763076553
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 25 Dec 2023 10:47:14 GMT

GET
H2 451 365868.gif
idsync.rlcdn.com/ Frame F1EC 0
98 B 89ms
26ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=62989169264508439662293047501763076553
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://katzmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 451 365868.gif
idsync.rlcdn.com/ Frame F1EC 0
42 B 26ms
26ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=62989169264508439662293047501763076553
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://katzmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 /
dp2.33across.com/ps/ Frame F1EC 0
69 B 350ms
112ms Image
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dp2.33across.com/ps/?pid=897&random=1649081385
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP002 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://katzmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-33x-status: 208
date: Mon, 25 Dec 2023 10:47:14 GMT
server: 33XP002

GET
H2 200 container.html Show response
feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B0EA 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wava.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 10:47:14 GMT
expires: Tue, 24 Dec 2024 10:47:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CE0E 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wava.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 10:47:14 GMT
expires: Tue, 24 Dec 2024 10:47:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E7C8 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWiHzmowxc4meB4ke52FP5u1BNm0nT6DPMu3yqeDchBjbHspwuBD04ldbzr3XnfidCf0AN06On1dhrcJ17txipnsEVhfHtEjRHCJHBfoI2RsM5DRZuukE47NDqEbmSc8Vc_Xg51-x7rfte3wlskC-unq58FE5bVb-iBfg23Q5SWqr0faeNg0cFwkZCcI0a-3WIJejgyRRcRxhWiMdfb7JVzjF5hMd5myLR_N1qo_CHuvbCnw2Su04M-1W2p3EoUVzldkQtWXmuYjov1WwgG4J1-0J8up2BLaNJHFTERy4x_Mi-wMRPWdeOYLzozZYNVi4XKEURXm0F4U_8_C4SP3pgKD5bgTbdjVqqrGeYbfxi&sai=AMfl-YQsaLeUjEAgY8_3UMLI7FXsYlXH4oWuDFIDd20YFO4bwIVWOqoX1zIaYo2_uk5SuH6wPxBWQS0_65VrF5SJzE1C2Ff_QJEoiCrf_hYxvUEiV7usSAIhM9FcmSykLfdpPSFLLjj7r6swCxjGkz6qQ04K&sig=Cg0ArKJSzLQun2IKLCKgEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Dec 2023 10:47:15 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame E7C8 90 KB
29 KB 123ms
122ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0855004f4091e6a2a4adb87058b4e0b9aa02de9e6c236d9a521be22943fa43e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29477
x-xss-protection: 0
server: cafe
etag: 934 / 19716 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 10:47:15 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E7C8 203 KB
65 KB 80ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 10:47:15 GMT

GET
H2 200 container.html Show response
feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B9AE 6 KB
3 KB 19ms
17ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wava.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 10:47:14 GMT
expires: Tue, 24 Dec 2024 10:47:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 87B9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96b55fc8861330f9232a77894c2d4dc75cabe75859bf489432212f32001007ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame E678 196 KB
56 KB 88ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 24 Dec 2023 16:42:31 GMT
age: 65084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 23 Dec 2024 16:42:31 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E678 15 KB
5 KB 125ms
57ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 18 Dec 2023 17:21:05 GMT
age: 581170
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Dec 2024 17:21:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E678 95 KB
29 KB 128ms
61ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 18 Dec 2023 16:37:47 GMT
age: 583768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Dec 2024 16:37:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E678 5 KB
2 KB 140ms
73ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 18 Dec 2023 13:56:42 GMT
age: 593433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Dec 2024 13:56:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E678 40 KB
13 KB 141ms
74ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 08:52:42 GMT
age: 525273
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 08:52:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E678 14 KB
1 KB 27ms
26ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 10:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 09:53:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Dec 2023 10:47:15 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E678 2 KB
3 KB 21ms
21ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:48:31 GMT
x-content-type-options: nosniff
server: cafe
age: 82724
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 25 Dec 2023 11:48:31 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E678 295 B
520 B 20ms
20ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 07:11:20 GMT
x-content-type-options: nosniff
server: cafe
age: 12955
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 26 Dec 2023 07:11:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F0A1 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIW1USDjc0okHB_VOFrxr49JuS1c6cXUU1KF5uWjb6t2whVjuTXemmoPYFqAc8AXG_ceH-2I5XHe5Brlmc8Gu0HdQrwrJbr4DWJqCkr41UmbZuQzoX39GBRRAtvOctJ2k_zjYrIAOP7Wj7t9rpk2co-BvPU188WYFohIdO1tYj6VmEKHbtLkzSw5W5_N3Z2kl_6NRoD9QmaCb2S01BhpW7fT4v0fCXjRXtXohHiGL9yzzO42VaF_NSO4qk3Eu9LFWt1GBKS8SotXNHC-hwRWxR42f-QQDA1CAXBdsrpwb1Izj9WM6KsujxnlxCDnaWLPcNjloVv0YiF2Q1mYwMvs-QVaZPWPaI96C0tfHk&sai=AMfl-YTjqU6nGikTIsPX-3MdZPNlb4BpMY3Ddk0nt74lCxYjUbN7vOWBrxKWJGdVEoAFX5eSiBsa7vUKoqOmlRFap75pgToTdy1ViUbxhkm-W9PbC0eEcF4g0ff4-V53sowBSKnkIru_SDRtECmjzV_9tMz8&sig=Cg0ArKJSzNZKVI68poNnEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Dec 2023 10:47:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame F0A1 23 KB
9 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 21:29:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F0A1 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 21:29:50 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0A1 203 KB
64 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 10:47:15 GMT

GET
H3 200 829634214239861666
tpc.googlesyndication.com/simgad/ Frame F0A1 44 KB
45 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/829634214239861666

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d22c7bed97844a69b8dafdeb37089ca007dab2a9769baf74659801e792a605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 22 Dec 2024 15:07:34 GMT
date: Sat, 23 Dec 2023 15:07:34 GMT
x-content-type-options: nosniff
age: 157181
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45564
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 14:51:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame F0A1 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e64d6aa3d2fd0e9af76f52e640e4cef153a52ccfc38bf67f39dfc6b88c54c40

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D227 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a77fa6201109ac0d9655ae7b8ce65e345fc60ef320fde77febca102a5bbfc8c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3234 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wava.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 10:47:14 GMT
expires: Tue, 24 Dec 2024 10:47:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8840991977246898433/ Frame E678 24 KB
24 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8840991977246898433/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

499772113273b494253c46f6621dcbdfb4faacdc61d036933e9e9324ebe76dee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 23 Dec 2024 07:18:51 GMT
date: Sun, 24 Dec 2023 07:18:51 GMT
x-content-type-options: nosniff
age: 98904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24595
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 16:47:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame E678 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E678 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E678 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c6531c44a2cf946366523fe9493d6f52e51c13372b0244dc46e8dfa4d7ae86b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sim_dfpinterstitial-bottom-floater.js Show response
sim-cms-public.azurewebsites.net/ 5 KB
2 KB 705ms
270ms Script
application/x-javascript 13.77.83.246
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sim-cms-public.azurewebsites.net/sim_dfpinterstitial-bottom-floater.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.77.83.246 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a82c69945172ac0b874255f62efccf5c5550a2d53cec3c4c37ed4e80099b798c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jun 2023 22:24:12 GMT
etag: "7b9dd0f3579ad91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-expose-headers: Request-Context
arr-disable-session-affinity: true
permissions-policy: autoplay=(self)
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2348
request-context: appId=cid-v1:82653370-b0cd-4f4c-8872-b0311da976c6

GET
H2 200 sim_dfpinterstitial-takeover.js Show response
sim-cms-public.azurewebsites.net/ 7 KB
3 KB 697ms
263ms Script
application/x-javascript 13.77.83.246
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sim-cms-public.azurewebsites.net/sim_dfpinterstitial-takeover.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.77.83.246 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f9a299361bf7b630d53ab36b7773f4a0b640859645a389eed3d48fb793cd23e3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jun 2023 22:24:12 GMT
etag: "0e5ef3579ad91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-expose-headers: Request-Context
arr-disable-session-affinity: true
permissions-policy: autoplay=(self)
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2194
request-context: appId=cid-v1:82653370-b0cd-4f4c-8872-b0311da976c6

GET
H2 200 hbpix
idpix.media6degrees.com/orbserv/ Frame F1EC 43 B
205 B 741ms
120ms Image
image/gif 2606:4700:4400::6812:2412
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=62989169264508439662293047501763076553
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:4400::6812:2412 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://katzmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 20 Jun 2023 14:48:54 GMT
server: cloudflare
etag: "6491bc56-2b"
content-type: image/gif
accept-ranges: bytes
cf-ray: 83b081464ba49137-FRA
content-length: 43

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E678 33 KB
33 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wava.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 00:19:37 GMT
x-content-type-options: nosniff
age: 556058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 00:19:37 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4801678927716155392/ Frame 6E68 62 KB
17 KB 20ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4801678927716155392/index.html

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09508383c9f0284e0d011860afd8e225ab09a7d9660df76a8faa1faa06c5a311

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 89726
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 16934
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 09:51:49 GMT
expires: Mon, 23 Dec 2024 09:51:49 GMT
last-modified: Thu, 14 Dec 2023 14:16:53 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame B0EA 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 21:29:50 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E4BF 143 B
383 B 70ms
20ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 10:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B0EA 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 21:29:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B0EA 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 21:29:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CE0E 2 KB
566 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 10:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 09:00:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Dec 2023 10:47:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CE0E 2 KB
822 B 22ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 21:29:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame CE0E 23 KB
9 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 21:29:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CE0E 3 KB
1 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 21:29:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CE0E 20 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 21:29:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE0E 203 KB
64 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 10:47:15 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame CE0E 37 KB
16 KB 72ms
20ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 437622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 09:13:33 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B9AE 24 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 524945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 08:58:10 GMT

GET
H2

200

salem-books-holiday-gift-guide-450x75.jpg
cdn.saleminteractivemedia.com/187/media/national-promotions/salem-books/holiday-gift-guide/ Frame B9AE
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstscuGdjLjPQQhEFyxcJwBHLInhfV75xmvpQ8I6vlApUUJ7q7YZOmbGAypQAXG6jITqdlmH5uyzvFA9txGjAbsEoVNvimM-hBwurKqYPjcMYmzOTjs8T27EJy7gffH-w1xrD9NByMP07...
https://cdn.saleminteractivemedia.com/187/media/national-promotions/salem-books/holiday-gift-guide/salem-books-holiday-gift-guide-450x75.jpg

19 KB
20 KB

16ms
16ms

Image
image/jpeg

205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/187/media/national-promotions/salem-books/holiday-gift-guide/salem-books-holiday-gift-guide-450x75.jpg
Requested by: Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 3852aff712945cbe6ce88dfa8eb4424832943e183977656fe36d25621a48feaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
x-cf-tsc: 1702535851
x-cf3: H
content-md5: maJmg9meOFoMqrA2SXdAGg==
cf4ttl: 2592000.000
x-cf1: 34174:fE.fra2:co:1701966712:cacheN.fra2-01:M
x-cf-reqid: 0b1eac31a9f23f658d7df536937e4f02
x-ms-meta-uploadedby: Chaffee,Dan
content-length: 19470
x-cf2: H
last-modified: Thu, 07 Dec 2023 16:31:48 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DBF742027C4B9E
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

Redirect headers

date: Mon, 25 Dec 2023 10:47:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: https://cdn.saleminteractivemedia.com/187/media/national-promotions/salem-books/holiday-gift-guide/salem-books-holiday-gift-guide-450x75.jpg
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9AE 203 KB
64 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 10:47:15 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3234 24 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 524945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 08:58:10 GMT

GET
H2

200

praying-through-the-bible-book-giveaway-300x250.jpg
cdn.saleminteractivemedia.com/187/media/content/heart-happy/sweepstakes/praying-through-the-bible/ Frame 3234
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjyHKGTOWEQ1-tgycn-7x8Jvp_KaxG_g2NfSKHJUXPUpbnYoR9gX_Nr0b5B-m8f5wRjLI0XJ5t8SJa4Kj2bWYF4tVFVDAXc7zgHwCL73VtcT6g4_SuXFGdHM5kHRA4BFj1bz5QAdzrO...
https://cdn.saleminteractivemedia.com/187/media/content/heart-happy/sweepstakes/praying-through-the-bible/praying-through-the-bible-book-giveaway-300x250.jpg

26 KB
26 KB

16ms
16ms

Image
image/jpeg

205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/187/media/content/heart-happy/sweepstakes/praying-through-the-bible/praying-through-the-bible-book-giveaway-300x250.jpg
Requested by: Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 096c48cfe3db87948779f2cdf5dbd2a24bb9dfdd86564d49c94bb9fe1cddc743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
x-cf-tsc: 1702535851
x-cf3: H
content-md5: KuSgSysMmsT4/9vmeZnxLw==
cf4ttl: 2577320.250
x-cf1: 34174:fE.fra2:co:1701381027:cacheN.fra2-01:M
x-cf-reqid: 1fc165fd742e95ae56bae64825f958d3
x-ms-meta-uploadedby: Chaffee,Dan
content-length: 26198
x-cf2: H
last-modified: Thu, 30 Nov 2023 21:50:24 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DBF1EE5B6502D3
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 14679
accept-ranges: bytes

Redirect headers

date: Mon, 25 Dec 2023 10:47:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: https://cdn.saleminteractivemedia.com/187/media/content/heart-happy/sweepstakes/praying-through-the-bible/praying-through-the-bible-book-giveaway-300x250.jpg
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3234 203 KB
64 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 10:47:15 GMT

GET
DATA 200
OK truncated
/ Frame E7C8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5547abcac6b6fa25cad736e29f7697596d1559ea35fba1a14c0c3e76d42fea7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame CE0E 47 KB
47 KB 81ms
20ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRahKQ3DlHRygsVwIiTa9um6ZDHWgL41426nqVuKOiNqRVBXe3k3dDG-WnrVQ&usqp=CAI

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc6d18fd6888f399d6b9d2a532c2f17ab893ed472c02adf5b6386d082531ad3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:25:01 GMT
x-content-type-options: nosniff
age: 332534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48103
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 04:11:50 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 20 Dec 2024 14:25:01 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame CE0E 42 KB
43 KB 110ms
49ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTZja_WsJqZBEoJBj8BVqXsk3FmDXrG6HBefVTL2pAWAIegHabzYEe87-NxSw&usqp=CAI

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fca0e551889966bfd7bc17973749671b1e85b15360dfb8c0ca4db65440ea438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 00:34:20 GMT
x-content-type-options: nosniff
age: 555175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43403
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:37:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 18 Dec 2024 00:34:20 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame CE0E 41 KB
41 KB 128ms
67ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSXdws6BrKNR98KNYdGsUybWvz5yPuFJmS8Woh9RMcxood6nbCs-0dwSl85SiQ&usqp=CAI

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eec6ff2ba1158bf01ded31b225e89dd731c695b3ffecfd48d25eea23fea56fb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:50:33 GMT
x-content-type-options: nosniff
age: 525402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41593
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 05:47:52 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 18 Dec 2024 08:50:33 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame CE0E 41 KB
41 KB 73ms
19ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQJuIUMrexH8yjQcbKc6sKJ63d9OrhRYH-r1N5FWeBMAmbiGbOnl-laYlymPw&usqp=CAI

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1db941e0511296c5c712e79132a2edcd711d71cc5689201e99436f62e0799751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 13:56:04 GMT
x-content-type-options: nosniff
age: 593471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41835
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 14:21:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 17 Dec 2024 13:56:04 GMT

GET
H3

200

17491665642073105354
tpc.googlesyndication.com/simgad/ Frame CE0E
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODc6ZLHhQEQ0A8Y0A8yCHN2A60O3Inw
https://tpc.googlesyndication.com/simgad/17491665642073105354

37 KB
37 KB

20ms
20ms

Image
image/png

2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17491665642073105354

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75eca9b2cf8d475151692fb6cc47c2c1b7b48f2ee253c2ab5dca95aad8f15ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 03:16:12 GMT
date: Tue, 19 Dec 2023 03:16:12 GMT
x-content-type-options: nosniff
age: 545463
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37775
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 13:54:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Mon, 25 Dec 2023 05:26:19 GMT
x-content-type-options: nosniff
server: cafe
age: 19256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/17491665642073105354
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Jan 2024 05:26:19 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6E68 16 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4801678927716155392/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 19:44:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 25 Dec 2023 19:44:02 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6E68 34 KB
13 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4801678927716155392/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 25 Dec 2023 21:29:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F0A1 0
0 100ms
57ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNewsvWtNFCipuPpx9vBii7nDfQj_pXBaSmzvnap4iwCaBzrGPU-sFrpLwAKw4eWinBgGvRiH5KnErcHtpV7xzdbiqcSqRPBHlJ7NK4tND_sGT1pGRD2A8evM1ya8ph6ZB361xw9HJ18Vuge1_Sr56OOcbm96xMmQPCBafc3hHwm1UjMljesDrvJK0LNH5CPP-89TrYLFdb-EibOLmc6OcHBIfDf7UCQ9lLQasaIYbNgqL4wl-X53ZvcabdLJtUKiEzdvd5aIakI3QNUH10GsPF1Wh0rqbkLTRDvkiR8nUlsUGI1ukWY6gx94n7RtOqx-czwOZAx_XS32pitrgkdjUvu8y5IDgT--6KXUvupc&sai=AMfl-YRhFDZNM5ItechRbDu35PoFCX8ziPHeT0-B3ctIqfYMp-vZEMOyrycnbC6sQpxza3f4vL3G1-l-LG1BEm-0TkQgLLWKMFj8MOaiE0FiHhIBYJh-jT1HD7QhT4zUZqzlxjS7mZQlXCKTwehfGJDN7PYM&sig=Cg0ArKJSzPr-EwxVNvYSEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Dec 2023 10:47:15 GMT

GET
H2

200

ibs:dpid=22052&dpuuid=3640879971541975169
dpm.demdex.net/ Frame F1EC
Redirect Chain

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3640879971541975169

42 B
717 B

38ms
37ms

Image
image/gif

54.77.143.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3640879971541975169

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Server

54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://katzmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0f7fdf65c.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 25 Dec 2023 10:47:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: k2A0pcYlRpw=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:15 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: image/gif
location: https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3640879971541975169
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
x-cloud-trace-context: e32618539f54da3aeba3cc5f15b58ac2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: 0,Tue, 26 Dec 2023 10:47:15 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ Frame E7C8 431 KB
135 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:14:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1959
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 24 Dec 2024 10:14:36 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B9AE 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstscuGdjLjPQQhEFyxcJwBHLInhfV75xmvpQ8I6vlApUUJ7q7YZOmbGAypQAXG6jITqdlmH5uyzvFA9txGjAbsEoVNvimM-hBwurKqYPjcMYmzOTjs8T27EJy7gffH-w1xrD9NByMP07Y8m18faXvG9ZIp9TlcwUZd0W0FBvVVci8Blunr1OaBvkddMRcbY8wOYt0bTLLIvQaE2PGIY652-jRMXvsAWpyS2cJpKDZYUBIMznke-zxm_9vfz8uOE3E1wWeHPYeypuujNcVdFNKfzHAXAnCZK0GDlQJa1kZtRq5XzYwkXK9Qp9fwQx62OLnXcZ-5LJ81Q4pByO_80pG7ERZxtJNxtCq_lGoDXbCLO&sai=AMfl-YQ7dcimXvK1h128ej3HN2t_nskuhMEg31USIdwWW8Fwgxhy-Lts3pTVZmfMCw7j5Uyw5OO7F404adIN8OxSO4QLTq4NZX_BYoeBT8aHOXLVqSHTAPkaqS1KwTlhDgOAUBEjfHZQGimHzAhseo3vih2b&sig=Cg0ArKJSzCkXYgAcNRqzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3234 0
0 61ms
61ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjyHKGTOWEQ1-tgycn-7x8Jvp_KaxG_g2NfSKHJUXPUpbnYoR9gX_Nr0b5B-m8f5wRjLI0XJ5t8SJa4Kj2bWYF4tVFVDAXc7zgHwCL73VtcT6g4_SuXFGdHM5kHRA4BFj1bz5QAdzrOFTg8fqGLcPD_EY2YCsdKxGfWwTby9pOTYoQgr-oK41uUaUCFDyendN7XjdrUWDxV6vn82zQhOeof4PCAmWigRpV7Q86kRZYqAWSGjD3WaHMbhS46asXuCRLpe1GJJHB2isjjJ-bFFowRfQ_S_zzfz723f2RqWqGImpj-WQxBxFC8CqrJlmjcMH3uBgwcHPvt7JCeB1ZKW9LhkRNis69tL_WpJ6ba0XP&sai=AMfl-YQS76CncFqQ51QXl63kQ5gsG1RicNj1bYAt3OQEMadXVuP9_jhLN7g4ifZUVpJvD1cIO6EOXz4EKpwELDkTp6jfxttENgFFCDgG3kh2nAVmo1Ijn5u-qh2QHBkA6fyy2JjG7EghKtYt4M4tgACbYyNG&sig=Cg0ArKJSzAZ3Fe_0QMwPEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B0EA 203 KB
64 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 10:47:15 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E678 2 KB
2 KB 22ms
22ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:48:31 GMT
x-content-type-options: nosniff
server: cafe
age: 82724
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 25 Dec 2023 11:48:31 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E678 295 B
322 B 20ms
20ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 07:11:20 GMT
x-content-type-options: nosniff
server: cafe
age: 12955
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 26 Dec 2023 07:11:20 GMT

GET
DATA 200
OK truncated
/ Frame B0EA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83602acd282ca2b68834289460e4b8a0308d8036b5162fe7e2914c451d4eadbd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CE0E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b6e985dacbc7b1bc435f1056fa32b8dbfe6cd2db59df58a5d7918fe47da8204

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B9AE 0
0 57ms
56ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4-oD08fb3WWJMBmDyP2XBYuyB8uBEldBLEWcl2KaFSglLUuDa4yfLskmN812doBjdDc_gp-098Q6dxzKqSgFeFgNDy3AchoGkx0FX0eS8TsXkc4Z2p8dWzI9a7Q0lCGGFHdn3zZy5l-wNJEnhzrJeR8qwndZ4cC6BC2Ct8IK3I_Y56LxH6kXHE0g0wge_dvwUpZLjt9Zaak1lZLn_VrtUT_1_RbyO8T3m-JIZ_X1X7p-hO94O6VDIduNyzUnsxayu2q367r4_m1YHz1MfMtV6eWy-UjVmiHMuxwQfW3NlNCiMoqlFYMgK_A7vLsKjh66OrfE_oskkLEPBqr-VQF5WT4KP1zxb6sbX5CWOtXQz0Uw&sai=AMfl-YSCk-iD23VOvDMotwSqhScNVl83zXtJG0Vc51KZrq6OctQPMFUeCOl9X7tuR3syqAbWO2_g2nPKxNrBamZOU89c1YZ7W1pFre-uqMaMnO_lniThhnyppXauiba99dBJ5lpsXK5afVGFN6LnoUAI7RxN&sig=Cg0ArKJSzEEB3Pf8PAxQEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Dec 2023 10:47:15 GMT

GET
DATA 200
OK truncated
/ Frame B9AE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ff99850cd842b964dc23a434e8942a21627d7251cff903e10cb76698e8b7e9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E4BF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
307 B

30ms
30ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
URL: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 10:47:15 GMT
expires: Mon, 25 Dec 2023 10:47:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 10:47:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3234 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 053a6f03941f31f2014f86dc23ff65b80c31929f6a6fc4b00b500201bb3cc57a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame CE0E 20 KB
20 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:32:42 GMT
x-content-type-options: nosniff
age: 530073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 07:32:42 GMT

GET
H2

200

ibs:dpid=575&dpuuid=1779347428295919859
dpm.demdex.net/ Frame F1EC
Redirect Chain

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=62989169264508439662293047501763076553
https://dpm.demdex.net/ibs:dpid=575&dpuuid=1779347428295919859

42 B
717 B

36ms
36ms

Image
image/gif

54.77.143.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=575&dpuuid=1779347428295919859

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Server

54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://katzmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0d8917a30.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Mon, 25 Dec 2023 10:47:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: WP1Z8Z6QR90=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://dpm.demdex.net/ibs:dpid=575&dpuuid=1779347428295919859
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E7C8 58 KB
14 KB 461ms
461ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1946934566999897&correlator=1134542791912462&eid=31080115&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=21849154601%3A6177%2CAd.Plus-728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60%7C220x90%7C300x75&ifi=1&didk=1233627657&sfv=1-0-40&sc=1&cookie=ID%3Da30240bc089bf7a7%3AT%3D1703501234%3ART%3D1703501234%3AS%3DALNI_MZ7fsMvCfQsptEbw7ppmAU8ZMtTKA&gpic=UID%3D00000d2af772687d%3AT%3D1703501234%3ART%3D1703501234%3AS%3DALNI_MYU4n_mkEctW1ejV7YPVkHPipP_XA&abxe=1&dt=1703501235869&lmt=1703501235&adxs=436&adys=322&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=csl0rwcqa5wq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwava.com%2F&ref=https%3A%2F%2Fwava.com%2F&top=https%3A%2F%2Fwava.com%2F&vis=1&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=995915188.1703501234&ga_sid=1703501236&ga_hid=1831724179&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtIDYhMoxSABSAghkEhsKDDMzYWNyb3NzLmNvbRi0gNiEyjFIAFICCGQSGQoKcHViY2lkLm9yZxjbgNiEyjFIAFICCGoSFwoIcnRiaG91c2UYloHYhMoxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGLSA2ITKMUgAUgIIZBIZCgp1aWRhcGkuY29tGLSA2ITKMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lVbVJGYUZjd1dHaFJOSFZoUVdGMlNqbDVZMDB3WnowOUluMD0YpYTYhMoxSAASGwoMaWQ1LXN5bmMuY29tGIuE2ITKMUgAUgIIag..&dlt=1703501235462&idt=391&prev_scp=site%3Dam1590theanswer.com&adks=1391429544&frm=23

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f90c6aceb567730b5098e5862c5c03fe86921ab2b373ebff9b38ff5b02d805bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13853
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://wava.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ad988b387e587728ded1160d3ba9f640.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 084E 6 KB
3 KB 60ms
33ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad988b387e587728ded1160d3ba9f640.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wava.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 10:47:15 GMT
expires: Tue, 24 Dec 2024 10:47:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 54ms
54ms Preflight
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C6YIysl2JZffHFP2T7_UP6MqiiAna6Z7vcYrD09_tEY-2nLr1PhABINHtoBdglQKgAdW236IDyAEJqQJx9dySZnqyPuACAKgDAcgDywSqBJUCT9BaZc-G5iDjLlpf_jfRU0HvFUuHov7mfwJZDqM4aCcK4-iCNMIu9-sjIyvR8oS9S1c1xXt1eT3HgP2ABiNjmo5P-W71qtuWTKVIrQgF2cZvfLO2t97Qqo0zDrMbi8YkSmqYiS97qQhvg4cHyyyiSx2CRH_Qe01d4c046jD0lskFAXOgVIBlRwSQwB_rUoOS8nFlZXf91hA3_v356ysng_Hnw5LNN7S1zJ21fvcpqcZnfe4E3EuOEQj2r8fBkF9OL1brNKn4_h4EE7HyG-1flnIX6ywoahQw-ldDBOirFqwFOTN3SHnrW3UifhJajtnSMbRv0T5sHGNIXH1nD-bu7q_ypdleehlYfQLTOwXhZrx6k3hW6cAE_cmazqwE4AQBiAWMzqzmS5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeTyaBdqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEMzLJNIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYutjGz7SqgwOaCSZodHRwczovL2VkZWxzdGFobC10dWVya2xpbmdlbC5kZS92ZG0xMIAKA8gLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQLiDRMIs73Hz7SqgwMV_cm7CB1opQiR2BMOiBQE0BUBgBcBshceChwIABIUcHViLTk0NTA2NTUyMDk4MjQ2MTcYrdIVshgDIgEA&sigh=Bpq9ERqQ7oY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_R0NJpuBm3d_AJGk3i9sl13tgJ2nMX8eNTip8Y4ic9UYulP-e4RUuClPzbukuPsmh-47crBzE9cXSv-Zwe3r4wcUrhA8hO663GFUYAQ&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 10:47:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CE0E
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=C6YIysl2JZffHFP2T7_UP6MqiiAna6Z7vcYrD09_tEY-2nLr1PhABINHtoBdglQKgAdW236IDyAEJqQJx9dySZnqyPuACAKgDAcgDywSqBJUCT9BaZc-G5iDjLlpf_jfRU0HvFUuHov7m...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212715961018762150041%22,%22debug_reporting%22:true,%22destination%22:%22https://edelstahl-tuerklingel.de%22,%22event_repor...

0
0

129ms
67ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212715961018762150041%22,%22debug_reporting%22:true,%22destination%22:%22https://edelstahl-tuerklingel.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22878173013%22],%2222%22:[%22true%22],%224%22:[%2212-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227240446182029298817%22}&andc=true

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12715961018762150041","debug_reporting":true,"destination":"https://edelstahl-tuerklingel.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["878173013"],"22":["true"],"4":["12-25"],"6":["true"]},"priority":"500","source_event_id":"7240446182029298817"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Dec 2023 10:47:16 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 10:47:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12715961018762150041","debug_reporting":true,"destination":"https://edelstahl-tuerklingel.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["878173013"],"22":["true"],"4":["12-25"],"6":["true"]},"priority":"500","source_event_id":"7240446182029298817"}&andc=true
access-control-allow-origin: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 219A 51 KB
20 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 05:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 538506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 05:12:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3234 0
0 56ms
56ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXG-i0mJcZPuA9mRD0BCrydJA3VIRHSomdbMTr71WlgQVNBYueVlURB7KPMcgQ0yT99s7-EBHtwuxFV18YN8OB3nnXwTQ9Gvcrb5JgNoJ7QUG3b-suxzL9Rw-so0yc-iSHm2K3ubbT0DQT1nNOrGYOY8lG_3ds7gXT_FTMTOPrrcL6QAdAZf1ZDYaQDNLRpYxCAlhNG18zrR_JsPn11cT33it1QaA-MYjGXUQzpUNH2AoIAAt5WUNSNIowaqoI2xC9VPE9ls35Nc10gz4Uu3Xu0n57tDKYP4EaVdG3DYC8c_T4LKRjjeW0_QTlfApItY4CU7kpL0_xO29dZbL12nqK98KETtcbEGSb0iLF0hnvejU&sai=AMfl-YS8FQWleD0_FOk7YlMu1k4o79KRz3QXTWlGWpMQL3kuTnAPDtZDyLTCS9jM-w3QaapcPqICrR_196Bjy3hfwj94fUwpXjMxIXnjBBFUMGKQT2TMzVRdzK-F8ga58AInG5QjXwQbiCS8ISh12hVum83k&sig=Cg0ArKJSzGBPglF1JnfQEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Dec 2023 10:47:15 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E678 0
0 66ms
66ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUN3Gsl2JZfLHFP2T7_UP6MqiiAmuo9vQdP_Eu8WLEKHkxr6bMBABINHtoBdglQKgAfmYw9cDyAEJqQJx9dySZnqyPuACAKgDAcgDCqoElAJP0Al6-i1oNoDS5JVFyURukG-uU-NmX2hMrw-9lliGjbjGRniX-LjPjuiTL7zAH6Q67SzBQ4D24fBS4KDt6MAnbGfQetb7JzBG13hVpcCg8vSGrIZ59YxpNtt5BoW6NGRbOobJQuAT6ErFGkxEZWupm78XbHfE0Mix5SX6CNStqueYzY8yUCvPl2U67rIEx0BqTYTY46EiGcr8WlP6vH47S1kARJGGtPhWXpHIjNkHRh_BGtichlyqiQSkv1sjCoTfep3V912CQz67Vb_p25Ta6xFknUMpi7ZR6dD5Qjm4P5dqZYf1UoiaLWTxIBXW2CamXFb3SWE4hd7LPTu6u_37ppW216gBfEbHExdgGebFb5DRN7HABJiq5b3-A-AEAYgF8rXtlUCSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH7NqZBqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEMLLJ9IIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYutjGz7SqgwOaCZIBaHR0cHM6Ly93d3cudHRsaW5lLmNvbS9kZS9hbi1ib3JkL2UtZmFocnpldWcvP3V0bV9zb3VyY2U9ZXBfZ29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249ZWNhciZ1dG1fY29udGVudD1yZXRhcmdldGluZ19yZXNwb25zaXZlX3ByaWNpbmeACgPICwGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7EC4g0TCK69x8-0qoMDFf3JuwgdaKUIkdgTDogUAtAVAYAXAbIXHgocCAASFHB1Yi05NDUwNjU1MjA5ODI0NjE3GK3SFbIYAyIBAA&sigh=dmw1PdxXNcE&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_R0NJpuBm3d_AJGk3i9sl13tgJ2nMX8eNTip8Y4ic9UYulP-e4RUuClPzbukuPsmh-47crBzE9cXSv-Zwe3r4wcUrhA8hO663GFUYAQ&template_id=5000&cbvp=2
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2

200

ibs:dpid=73426&dpuuid=62989169264508439662293047501763076553
dpm.demdex.net/ Frame F1EC
Redirect Chain

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=62989169264508439662293047501763076553&rn=1703501234883&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D629891692645084...
https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=62989169264508439662293047501763076553&rn=1703501234883&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D62989169264508...
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=62989169264508439662293047501763076553

42 B
717 B

41ms
41ms

Image
image/gif

54.77.143.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=73426&dpuuid=62989169264508439662293047501763076553

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Server

54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://katzmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-047c6455c.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: ti1NVRYCTb0=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
via: 1.1 4e9e6f7805c0c0019fa230a2ef31dcaa.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: BUD50-P1
x-cache: Miss from cloudfront
location: https://dpm.demdex.net/ibs:dpid=73426&dpuuid=62989169264508439662293047501763076553
content-length: 0
x-amz-cf-id: n2wIkGWL90rXURc2HgbweeYakB26D0fSKVzeqQngBM_CKsNXIVTwmg==

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 55ms
55ms Preflight
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CIIVxsl2JZfXHFP2T7_UP6MqiiAnu3-j_dP2fjIKMEq65hq6MDhABINHtoBdglQKgAe3C2bUCyAEJ4AIAqAMByAMCqgSWAk_QuxyEmcPN1oMqs1GkMuZ4uEB_ehFfE4p6o0nN_VLa1b6jQioPmaC90rC4hG3RQz5cTjTFfgNTwrtcsWe8rGizkeBqHxdpuoSp_Y8VD_lhi04yleStkaMYfceUbHxi7FiUXflME3BWyCgzpp4U_tgjlxHjzQS6taTLmqELpNKzRw2UsvdVKNuxS16vDTsjhj-r5jZw6NkUSP1zQGDZnTcpHn5MEWCLl4o1c5g_3Rtf9j-Y4jo1K_eyVyg4laQOFf54qZFTYLc628RNPAF5TlfoFIMqW1pP843DgdQvQiwaeNXb-OOxag3AoZz21uOFSgif15eh1DPKrTF4fnJmHuAn-VPO_yX8W_3VyxgsLYKCl8VVQgrpwATq5KjJzgTgBAGIBeTo-N5NkgUECAQYAZIFBAgFGASgBl2AB_u8psoBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQhrgn0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOli62MbPtKqDA5oJvgFodHRwczovL211c2NsZS1ib29zdGVyLmlvP2JyYW5jaC1uYW1lPWdvb2dsZSZ0ZXN0LW5hbWU9Z280dGlrJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJmNhbXBhaWduX2lkPTIwODY4NjQxODkyJmFkZ3JvdXBfaWQ9MTU4NTMwNjc5NDAyJmFkX2lkPTY4NTAyNzEyMTY5NCZ1dG1fdGVybT0mcGxhY2VtZW50PXdhdmEuY29tgAoDyAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAuINEwixvcfPtKqDAxX9ybsIHWilCJHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItOTQ1MDY1NTIwOTgyNDYxNxit0hWyGAMiAQA&sigh=k8jLMlwzgSg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_R0NJpuBm3d_AJGk3i9sl13tgJ2nMX8eNTip8Y4ic9UYulP-e4RUuClPzbukuPsmh-47crBzE9cXSv-Zwe3r4wcUrhA8hO663GFUYAQ&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 10:47:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B0EA
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CIIVxsl2JZfXHFP2T7_UP6MqiiAnu3-j_dP2fjIKMEq65hq6MDhABINHtoBdglQKgAe3C2bUCyAEJ4AIAqAMByAMCqgSWAk_QuxyEmcPN1oMqs1GkMuZ4uEB_ehFfE4p6o0nN_VLa1b6j...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224700206781965469144%22,%22debug_reporting%22:true,%22destination%22:%22https://muscle-booster.io%22,%22event_report_window...

0
0

129ms
67ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224700206781965469144%22,%22debug_reporting%22:true,%22destination%22:%22https://muscle-booster.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22649486701%22],%2222%22:[%22true%22],%224%22:[%2212-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229749961760483109953%22}&andc=true

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4700206781965469144","debug_reporting":true,"destination":"https://muscle-booster.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["649486701"],"22":["true"],"4":["12-25"],"6":["true"]},"priority":"500","source_event_id":"9749961760483109953"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Dec 2023 10:47:16 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 10:47:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4700206781965469144","debug_reporting":true,"destination":"https://muscle-booster.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["649486701"],"22":["true"],"4":["12-25"],"6":["true"]},"priority":"500","source_event_id":"9749961760483109953"}&andc=true
access-control-allow-origin: https://feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E7C8 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUzlH0q4ZRdFDv-C7w_oVZEjKd2HXzGEBklCq0YHwS-OBEUkqO2TEhjmJJw4id2mgruxvPefHJz24R9-zUbpJySRE4iGbvpBDNw2jVGUxtKFRaXraDBFhwWW5cRiPpsYcp0I1Lk5D9uMxK_ZT8fpO5ZVtUm7Rz-Qf2iHOJwfZ1h3QLBRBo931fQTGQIApi7omofjRT-Ybjhx-RBdoiyfs8JQ1ls0eBsTgnmmxarQEXvrqFxXfIz0KKbygWJqooE-pos7rV8MJCxibelIdM8dyHrujvpih2olyGAXx1yirYOcZ-rad7yDeDsseG_4zxMyhY0VvsG0z4cCcCIGbTztURrl6M5TabXEQN14r-fre_bvY&sai=AMfl-YQ3MXQV-kXO9Uvrogk9jtO7nsWZzNHIEYXQ_-yj9Vp22oAx0nwn_n8EONOqDXXF9gWyVhV8Ta9Urhlp5LAzVpr6Qn9htc4FykkqkBqrzrCJgRdDTmG8gTLHu0pm5iD6Ja7NwwMmLKnX9tiJZJTktnbx&sig=Cg0ArKJSzJbDZnnIJYk-EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Dec 2023 10:47:15 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E7C8 16 KB
12 KB 115ms
70ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31c63be81df1d31ef5785e799382c632c4e78b57a87f824ef1d2578b3f548c66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12262
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 108ms
55ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 10:47:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame F1EC
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=62989169264508439662293047501763076553?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

42 B
731 B

71ms
70ms

Image
image/gif

54.77.143.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Server

54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://katzmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0e12665bf.edge-irl1.demdex.com 4 ms
pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: oVETiHmfTpM=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error: 104,300
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
cache-control: no-cache
x-server: 10.45.16.11
content-length: 0
expires: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 101ms
56ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 10:47:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E7C8 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 10:47:16 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BB43 13 KB
5 KB 19ms
19ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wava.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 36244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 00:43:12 GMT
expires: Tue, 24 Dec 2024 00:43:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EF21 829 B
997 B 31ms
30ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

31e0826fa61406dc51c842856e849e75aefa68932a1ed9f8b909337990cacd23

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i9OgSpZtALGadIP5CZn2iQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wava.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-i9OgSpZtALGadIP5CZn2iQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 10:47:16 GMT
expires: Mon, 25 Dec 2023 10:47:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame BB43 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 10:15:22 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EF21 0
0 55ms
55ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1946934566999897&rc=
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2

200

ibs:dpid=175765&dpuuid=c6a353ce7b858fbabc1fe2ba6e85638c
dpm.demdex.net/ Frame F1EC
Redirect Chain

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=c6a353ce7b858fbabc1fe2ba6e85638c

42 B
717 B

59ms
58ms

Image
image/gif

54.77.143.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=175765&dpuuid=c6a353ce7b858fbabc1fe2ba6e85638c

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Server

54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://katzmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-02a370a0b.edge-irl1.demdex.com 20 ms
pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: She6vv15RWw=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
x-clacks-overhead: GNU Terry Pratchett
x-adswizz-request-id: aa56573b-9b76-4ea4-ba16-74d6c8a1e303
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
location: https://dpm.demdex.net/ibs:dpid=175765&dpuuid=c6a353ce7b858fbabc1fe2ba6e85638c
x-amz-cf-id: _XKHuXfmH6yZ7nVdSP_yFZS-e7ex5UOREBjF98qDnAzzAfdHIdLN6Q==
x-application-context: application:production

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BB43 0
12 B 21ms
20ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iASrtA
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

salemnow-why-the-nativity-780x680.jpg
cdn.saleminteractivemedia.com/186/media/salem-now/why-the-nativity/
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS8lij8vsTSvGTvFwGmJ6_7n4LSrNUv1QZuU8A0h6jQQQUZm7j0xKRcX7XHUHhVxyaG1GdkH7A5iNl5GHgAs68gteuXE_uDP9aJqJcY3tpOoGxMKF2lUZaLi38AVm9E7-v0T6mbXq0Z...
https://cdn.saleminteractivemedia.com/186/media/salem-now/why-the-nativity/salemnow-why-the-nativity-780x680.jpg

76 KB
76 KB

36ms
36ms

Image
image/jpeg

205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/186/media/salem-now/why-the-nativity/salemnow-why-the-nativity-780x680.jpg
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 18a4b8d43e1382631eaf7b9ec13bfbd07740a5343fdb6708be12c5f85bb42a21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
x-cf-tsc: 1703308975
x-cf3: H
content-md5: n8ir/6pA/fAW/YbE9lcqzw==
cf4ttl: 2592000.000
x-cf1: 34174:fE.fra2:co:1703162105:cacheN.fra2-01:M
x-cf-reqid: f39ced215c2cef6a74b58403da4311a7
x-ms-meta-uploadedby: Chaffee,Dan
content-length: 77499
x-cf2: H
last-modified: Thu, 21 Dec 2023 12:35:02 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DC022140B50C39
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: https://cdn.saleminteractivemedia.com/186/media/salem-now/why-the-nativity/salemnow-why-the-nativity-780x680.jpg
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

salemnow-why-the-nativity-728x90.jpg
cdn.saleminteractivemedia.com/186/media/salem-now/why-the-nativity/
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstp3_XWsObEIm_uIGnHrUr2ilZGE4-5RiavyWIXFu1xT-YyjTFcyvGHIUPqXXU7oHyIshZUnKFHKmdhB2UxMEJv3yqIpk-5rRMl9lj6xABEOfkCGc75MImqFd64Cg9RgDdAZQZXppKY1...
https://cdn.saleminteractivemedia.com/186/media/salem-now/why-the-nativity/salemnow-why-the-nativity-728x90.jpg

16 KB
17 KB

14ms
13ms

Image
image/jpeg

205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/186/media/salem-now/why-the-nativity/salemnow-why-the-nativity-728x90.jpg
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H2
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c0ba39c961c040f5047336cf91ff4debb32d0b87952f96c092f6290a7e14c219

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
x-cf-tsc: 1703187071
x-cf3: H
content-md5: sP7AorHoFhGeP2BQsLR9wA==
cf4ttl: 2592000.000
x-cf1: 34174:fE.fra2:co:1703162105:cacheN.fra2-01:M
x-cf-reqid: 7405460018cdb797a646bf93662ca8c2
x-ms-meta-uploadedby: Chaffee,Dan
content-length: 16734
x-cf2: H
last-modified: Thu, 21 Dec 2023 12:35:02 GMT
server: CFS 0215
x-cff: B
etag: W/0x8DC022140B2294A
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: https://cdn.saleminteractivemedia.com/186/media/salem-now/why-the-nativity/salemnow-why-the-nativity-728x90.jpg
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

ibs:dpid=161033&dpuuid=
dpm.demdex.net/ Frame F1EC
Redirect Chain

https://pixel.onaudience.com/?partner=130&mapped=62989169264508439662293047501763076553&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=

42 B
731 B

37ms
37ms

Image
image/gif

54.77.143.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=161033&dpuuid=

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Server

54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://katzmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-09a33b2f9.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 633RIBdTQoQ=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error: 104,300
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame C8AE 196 KB
55 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 24 Dec 2023 16:42:31 GMT
age: 65085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 23 Dec 2024 16:42:31 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C8AE 15 KB
5 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 18 Dec 2023 17:21:05 GMT
age: 581171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Dec 2024 17:21:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C8AE 95 KB
28 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 18 Dec 2023 16:37:47 GMT
age: 583769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Dec 2024 16:37:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C8AE 5 KB
2 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 18 Dec 2023 13:56:42 GMT
age: 593434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Dec 2024 13:56:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C8AE 40 KB
13 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 08:52:42 GMT
age: 525274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 08:52:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C8AE 6 KB
706 B 28ms
28ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 10:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 10:20:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Dec 2023 10:47:16 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C8AE 2 KB
2 KB 19ms
19ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:48:31 GMT
x-content-type-options: nosniff
server: cafe
age: 82725
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 25 Dec 2023 11:48:31 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C8AE 295 B
325 B 20ms
19ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 07:11:20 GMT
x-content-type-options: nosniff
server: cafe
age: 12956
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 26 Dec 2023 07:11:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C8AE 0
0 28ms
28ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBrrFrANWxnU5eywT7qBuEEeD2cnpn8lyz0u4kINmAmLyIe5cWXTIu69ibIDHKob3TLZGsjEsRAt_alimto2BrkF3cfQ
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/11569308234753823972/ Frame C8AE 28 KB
28 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11569308234753823972/6592766407814317453

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6adeac8be77fa163d3175150d14cedbabe97e2772a674ae1021213259ab04d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 21 Dec 2024 15:33:12 GMT
date: Fri, 22 Dec 2023 15:33:12 GMT
x-content-type-options: nosniff
age: 242044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29029
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 16:09:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17142487705392666041/ Frame C8AE 2 KB
2 KB 50ms
50ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17142487705392666041/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc6055af04ba8bda7a8a435e032c367aca20d10f41613cdbab3ae9bbe47178ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 09:01:12 GMT
date: Tue, 19 Dec 2023 09:01:12 GMT
x-content-type-options: nosniff
age: 524764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2085
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 02:21:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame C8AE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19d94007e00a0252f63b08cb935ebb0769d772ec2c41e37f2a2963c78ad68074

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

ibs:dpid=348447&dpuuid=203e9537-92a2-4e7c-9402-1ea1498246aa
dpm.demdex.net/ Frame F1EC
Redirect Chain

https://ids.ad.gt/api/v1/put/adb?adb=$62989169264508439662293047501763076553
https://dpm.demdex.net/ibs:dpid=348447&dpuuid=203e9537-92a2-4e7c-9402-1ea1498246aa

42 B
717 B

41ms
40ms

Image
image/gif

54.77.143.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=203e9537-92a2-4e7c-9402-1ea1498246aa

Protocol

Server

54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://katzmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0c81d9436.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: Pwl1dT76Tdc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=348447&dpuuid=203e9537-92a2-4e7c-9402-1ea1498246aa
date: Mon, 25 Dec 2023 10:47:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83b08147ceeb9159-FRA
content-type: text/html; charset=utf-8

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 24 KB
24 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,400i,700,700i&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wava.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:10:28 GMT
x-content-type-options: nosniff
age: 362208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24984
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:04:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 06:10:28 GMT

GET
H2 200 p Show response
i.simpli.fi/ 800 B
763 B 39ms
23ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=150871&cb=sifi_att_1507078._hp
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 7cecf563ff97e13a289e075893188b47491ea5b40b9681dc3e7964850edf6b0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 69ms
69ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2c7d6aeec6d474a3549f1130375659559c68aeb97c9896d44fb7b54c99e55ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12226
x-xss-protection: 0

GET
H3

200

/
www.facebook.com/login/ Frame E264
Redirect Chain

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=327608680664365&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

142ms
142ms

Document
text/html

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3ef507736371d8%2526domain%253Dwava.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwava.com%25252Ff1fa4849cadf37%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWAVARadio%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://wava.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Dec 2023 10:47:16 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 0GoMt4LCFDSV70J9PWdROMqR0a04oHLtbtcW89EHSB1g/cnx1L87B4D2pPZgI1V0cAAXIxqiG0UNBxnFhjue5g==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 10:47:16 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3ef507736371d8%2526domain%253Dwava.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwava.com%25252Ff1fa4849cadf37%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FWAVARadio%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
pragma: no-cache
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: cjCqQmJEYhyLUtGb2RWSWKZFr34c392ZjOwLzBEC2ll/v91a4Xv/3VDoM4YDkQcN5oZhQlNsRb5VTLEAmxeSdw==
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C8AE 15 KB
16 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wava.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:53:59 GMT
x-content-type-options: nosniff
age: 525197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:53:59 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C8AE 15 KB
15 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wava.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 00:08:38 GMT
x-content-type-options: nosniff
age: 556718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 00:08:38 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C8AE 15 KB
15 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wava.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 17:28:03 GMT
x-content-type-options: nosniff
age: 580753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 17:28:03 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C8AE 0
0 62ms
62ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLty3s12JZbuCONaA7_UPxM-DsAK9w_zydMzY8MfnEdrZHhABIMb71nlglQKgAc7Dsv4DyAEJqQJx9dySZnqyPuACAKgDAcgDCqoEmwJP0PLFapuGQ8sVLxCMPX3CFgOBNZKJ6k5s8SJ59-1NOaRt7pMgvAotek_pLAxa5YjHZSTtZSOF3z3cvd5lVjl0IiFAzcJ1ShG7wQ13IA3iMT9Mm9IaTWScDbgQMlZgqKjbyB-vBbA7ke1J5DJy98UQG3dpWrwDLz4xZRvnMUtDVxwyDHrw7T4lmKE3-mg8s6lyycmnuGGtnEiqWt0_Z9OqJS9MT5SV0FUaRFOG0R2s8-qlwAcBrSkDBXWZfPqzghtu_EjDMfPKLdEdta8ITDqb-vMHdZJRZXRYmp1a4zuBk2h4a6EYkeI79iU2x4wsye61FhpRoNH7GsolGygo5EWU27d7X80PsiOuq4XiUswCuMG0MlMKPlNF9woKwAT9xKS3mwTgBAGIBdXQpKhIkgUECAQYAZIFBAgFGASgBi6AB5q8zQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDE6D_SCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMjxqNC0qoMDmgk-aHR0cHM6Ly93d3cudmFpbGxhbnQuZGUvaGVpenVuZy9rbGltYS1mb2VyZGVydW5nL2pldHp0LXBsYW5lbi-ACgPICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAuINEwjnoanQtKqDAxVWwLsIHcTnACa4E-QD2BMMiBQC0BUBmBYBgBcBshceChwIABIUcHViLTk4MDc4MjAzNzg1NDQ2MTIY6qpy&sigh=usG9jnA6g90&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPAAvHhf_y4XRtg7bEMXmGYnkvgDY0auDreTAPTOBDkwAYt0l1VnV2yVYyg5Kdto0ewC_whNZ3jRUZZXlMBgB&template_id=484&cbvp=2
Requested by: Host: wava.com
URL: https://wava.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H/1.0 200
OK image.sbix
global.ib-ibi.com/ Frame F1EC 0
72 B 383ms
91ms Image
text/plain 69.169.85.6
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=62989169264508439662293047501763076553
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_256_CBC
Server: 69.169.85.6 Commack, United States, ASN29838 (AMC, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://katzmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=47440E3F6C204311816184C3BE820E2D

0
238 B

112ms
53ms

Image
text/plain

2600:9000:25a2:ec00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=47440E3F6C204311816184C3BE820E2D
Protocol: H2
Server: 2600:9000:25a2:ec00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
cache-control: no-cache, must-revalidate
via: 1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: ZRH55-P1
x-amz-cf-id: cRMLVdfRqNsVUwlqNgsbNJr8pTzbYI8PjuypPPzQiQxJlAJGukW_yw==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=47440E3F6C204311816184C3BE820E2D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Dec 2023 10:47:16 GMT

GET
H2

200

RX-02e4ac9c-957c-4d4e-ac0d-68628701c399-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/47440E3F6C204311816184C3BE820E2D
https://sync.1rx.io/usersync/simplifi/47440E3F6C204311816184C3BE820E2D?zcc=1&cb=1703501236858
https://sync.targeting.unrulymedia.com/csync/RX-02e4ac9c-957c-4d4e-ac0d-68628701c399-003

43 B
378 B

221ms
71ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-02e4ac9c-957c-4d4e-ac0d-68628701c399-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:17 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-02e4ac9c-957c-4d4e-ac0d-68628701c399-003
pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=47440E3F6C204311816184C3BE820E2D&dongle=yf3

37 B
140 B

93ms
16ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=47440E3F6C204311816184C3BE820E2D&dongle=yf3
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=47440E3F6C204311816184C3BE820E2D&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Dec 2023 10:47:16 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=47440E3F6C204311816184C3BE820E2D

43 B
175 B

363ms
106ms

Image
image/gif

2600:1f18:612b:4216:4325:b598:a92b:8a38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=47440E3F6C204311816184C3BE820E2D
Protocol: H2
Server: 2600:1f18:612b:4216:4325:b598:a92b:8a38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 25 Dec 2023 10:47:16 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=47440E3F6C204311816184C3BE820E2D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Dec 2023 10:47:16 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=47440E3F6C204311816184C3BE820E2D
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=47440E3F6C204311816184C3BE820E2D

95 B
427 B

31ms
31ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=47440E3F6C204311816184C3BE820E2D

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=47440E3F6C204311816184C3BE820E2D
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=47440E3F6C204311816184C3BE820E2D
https://d.agkn.com/pixel/10751/?che=1703501236713&ip=178.162.209.134&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219753204741001340688
https://um.simpli.fi/aa_px?sk=219753204741001340688
https://um.simpli.fi/empty.gif

43 B
361 B

22ms
22ms

Image
image/gif

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=47440E3F6C204311816184C3BE820E2D

0
0

314ms
258ms

Image
text/html

18.239.69.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=47440E3F6C204311816184C3BE820E2D
Protocol: H2
Server: 18.239.69.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-49.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=47440E3F6C204311816184C3BE820E2D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Dec 2023 10:47:16 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 22ms
21ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 24 Dec 2023 10:47:16 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 34ms
33ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 24 Dec 2023 10:47:16 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=47440E3F6C204311816184C3BE820E2D;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=47440E3F6C204311816184C3BE820E2D;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTM3MTg2Nzg0NjY0NzY1NTQ3NDc=
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEJNb1cCrhCqjMWjhf0b8G8Y&google_cver=1

43 B
380 B

44ms
25ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEJNb1cCrhCqjMWjhf0b8G8Y&google_cver=1
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEJNb1cCrhCqjMWjhf0b8G8Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=47440E3F6C204311816184C3BE820E2D&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=47440E3F6C204311816184C3BE820E2D&j=0&xl8blockcheck=1

0
767 B

42ms
42ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=47440E3F6C204311816184C3BE820E2D&j=0&xl8blockcheck=1
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=47440E3F6C204311816184C3BE820E2D&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 35ms
34ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 24 Dec 2023 10:47:16 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=47440E3F6C204311816184C3BE820E2D

0
421 B

492ms
109ms

Image
text/plain

52.70.125.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=47440E3F6C204311816184C3BE820E2D
Protocol: HTTP/1.1
Server: 52.70.125.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-125-191.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 25 Dec 2023 10:47:16 GMT

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=47440E3F6C204311816184C3BE820E2D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Dec 2023 10:47:16 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=47440E3F6C204311816184C3BE820E2D

62 B
444 B

242ms
166ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=47440E3F6C204311816184C3BE820E2D
Protocol: H2
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 25 Dec 2023 10:47:16 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=47440E3F6C204311816184C3BE820E2D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Dec 2023 10:47:16 GMT

GET
H2

404

tpid=47440E3F6C204311816184C3BE820E2D
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=47440E3F6C204311816184C3BE820E2D

49 B
264 B

39ms
38ms

Image
image/gif

54.216.91.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=47440E3F6C204311816184C3BE820E2D
Protocol: H2
Server: 54.216.91.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-91-216.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.20.15
content-length: 49
expires: 0

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=47440E3F6C204311816184C3BE820E2D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Dec 2023 10:47:16 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=47440E3F6C204311816184C3BE820E2D

0
311 B

105ms
26ms

Image
text/plain

216.52.2.91
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=47440E3F6C204311816184C3BE820E2D
Protocol: HTTP/1.1
Server: 216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Mon, 25 Dec 2023 10:47:16 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=47440E3F6C204311816184C3BE820E2D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Dec 2023 10:47:16 GMT

GET
H3

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=47440E3F6C204311816184C3BE820E2D

0
9 B

27ms
26ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=47440E3F6C204311816184C3BE820E2D
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=47440E3F6C204311816184C3BE820E2D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Dec 2023 10:47:16 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1703501236475&cv=7&fst=1703501236475&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=111215802&cv=7&fst=1703501236475&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=t...
https://www.google.com/pagead/1p-conversion/1026675585/?random=111215802&cv=7&fst=1703501236475&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=IhMIt4f...
https://www.google.de/pagead/1p-conversion/1026675585/?random=111215802&cv=7&fst=1703501236475&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=IhMIt4fP...

42 B
154 B

34ms
34ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=111215802&cv=7&fst=1703501236475&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=IhMIt4fP0LSqgwMVOsw7Ah1xtweC&is_vtc=1&ocp_id=tF2JZbfdH7qY78EP8e6ekAg&cid=CAQSKQAvHhf_2jIf7TZeNRr42mY1FX7lRwjkDLGtMU3XrtUIJboGErMa_hSt&random=924653783&ipr=y

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=111215802&cv=7&fst=1703501236475&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=IhMIt4fP0LSqgwMVOsw7Ah1xtweC&is_vtc=1&ocp_id=tF2JZbfdH7qY78EP8e6ekAg&cid=CAQSKQAvHhf_2jIf7TZeNRr42mY1FX7lRwjkDLGtMU3XrtUIJboGErMa_hSt&random=924653783&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 36ms
36ms Image
text/plain 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=47440E3F6C204311816184C3BE820E2D
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D47440E3F6C204311816184C3BE820E2D

43 B
895 B

22ms
22ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D47440E3F6C204311816184C3BE820E2D

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
an-x-request-uuid: 65128cea-adfc-483b-850b-3965918762b9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.134; 178.162.209.134; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
an-x-request-uuid: 039a4bbc-b294-4a4f-b75d-dee3129354d7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D47440E3F6C204311816184C3BE820E2D
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.134; 178.162.209.134; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=47440E3F6C204311816184C3BE820E2D&expires=365

0
239 B

124ms
20ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=47440E3F6C204311816184C3BE820E2D&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5e091a4bda7cb1b96cf60040ae4e8596
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=47440E3F6C204311816184C3BE820E2D&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Dec 2023 10:47:16 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=47440E3F6C204311816184C3BE820E2D

43 B
201 B

70ms
52ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=47440E3F6C204311816184C3BE820E2D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=47440E3F6C204311816184C3BE820E2D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 24 Dec 2023 10:47:16 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESELEw2MS4As5k3-xYl0XUS4Y&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=47440E3F6C204311816184C3BE820E2D
https://um.simpli.fi/g_match?id=

0
320 B

23ms
23ms

Image
text/plain

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 24 Dec 2023 10:47:16 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 10:47:16 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6062 13 KB
5 KB 17ms
17ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wava.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 36244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 00:43:12 GMT
expires: Tue, 24 Dec 2024 00:43:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7D7D 829 B
560 B 27ms
27ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b517812fa526b7f83a287a3fb56a0b2feff15bbf15d81d9da93b17eabde5bfdb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bK05IBxK4YmFSRaM_381bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wava.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bK05IBxK4YmFSRaM_381bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 10:47:16 GMT
expires: Mon, 25 Dec 2023 10:47:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6062 39 KB
15 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 10:15:22 GMT

GET
H2

200

ibs:dpid=87898&dpuuid=4c_e98a8309-1f88-4843-ab7b-86020536f712
dpm.demdex.net/ Frame F1EC
Redirect Chain

https://adobe.adhaven.com/bid-engine/cs/88cd52b8932ea1f9237bcd284fae8923/v1?puid=62989169264508439662293047501763076553&rd=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D87898%26dpuuid%3D%24UID
https://dpm.demdex.net/ibs:dpid=87898&dpuuid=4c_e98a8309-1f88-4843-ab7b-86020536f712

42 B
717 B

76ms
76ms

Image
image/gif

54.77.143.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=87898&dpuuid=4c_e98a8309-1f88-4843-ab7b-86020536f712

Protocol

Server

54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://katzmedia.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0422bf190.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: DfOwAKbGTYE=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=87898&dpuuid=4c_e98a8309-1f88-4843-ab7b-86020536f712
date: Mon, 25 Dec 2023 10:47:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7D7D 0
0 55ms
54ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312070101&jk=135673100263179&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6062 0
12 B 23ms
23ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_0ipeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:47:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E7C8 0
0 58ms
58ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1946934566999897&bg=!fH-lfzDNAAY3kmNgF5I7ADQBe5WfOJRBHmFoCL2VdYkR4xMKJFag-CZ4PNDF5PXEYHCajKGsZnnYLWsjqe201LDTbKBNAgAAAD1SAAAAAmgBBwoAV24c4OM3XnSGv60_WLsQt06ZDE8gC44Rj5MJgAGOJSpPNCQRTaSQTF2ISPIPwYVEic2GYNAy5AeCJt8BDROUD5zjULBWBvUp5RThNFmoWJNxnabaI270ZJkDJzn9TgT9f0XrDEVfBiEasAbDxOPBYlrw1iGu29CswsPPH0cGNXwS4Y2q4JSue-3qi2ycqXluTR_VaAB4fYEbehFlGFE9Q6vCbVAUYdCRc0hItFtVcWdzAI2EtWHpIoV0FSWMOKiVwVFNjasT5YS4Ik6v3Dsf04VHNQBCg4yJdYuk_NxdrpuJfnB-U7CwQBFsk3K-BFn_2iU4mpd-R3I-SOwfv2Kn1Eu7wBkFwVsyswphl4YyMv273TZgHgppeLW-CbF9xH6qiGBDGNMjAMJaoyTMO1Mj8nVvEL0slL0wxqdYKt01bhK3_nJ4G77VE0H7K0rtQhn630H97UzIGb5vR4LLTeDiZ5k4yL1t8oQp1_FLFVphPbSt99GnY_wSJWQ-YINFhI0joT_HtqwPt1H04Opa_Eb3RpRssF8pLnF6P-9PngK8pEaUKpFXetQYY5LY85CTcpLUmelSMHIeFVACPkffI96FaQtZalIvG0nyeQ63a6Z9jMVYdqha4ugO5s61zuV1-nfpVXx1j0VHERIjWPE7Dpg2zN-I9XGSZUlJY-FKZ8IdKm2YnFirBcsdJe4m2GjSCUmLPf5CJtn5uCzgw6urIaJQsqyD2c3d4wpF0G9Pm3wIj0Gc8FPQ9dhW1_dhMj-iBl7U5fi2-m_aTi4g9tONVbVTu4wvofLteVFknnDtwz5wCR9L55JhqNzAbHa_cYQhbmA6lTbjnVYcjYPaW91QK2LveqRXcDQ5eAhc9MgumIjnOx7XDc_Sy0Nxf_IHY5QAUEo0tZccnJllDKNAhfYFD-xEgVEy8zTxdNs_7-PoR_8uFK1IHBqsT2u_GL-fD59f1IjLbVlTAJHYLSexT1o7DnjMPuzUgFbP65uVWvO-gr19HjSp4HlL2q9t-UuOofQhraHVtcpoXAttxMNnpwjyVRLzrqgB0u3TJcJdDpmorDvTWrH0MQUa1OELdOy6kZ9vaIsL660u6EluPyei24pSgJxZbb5wXQJSsixMjD-iz3vI0Xc8B8ccfZliWjxmVGjJeM5-_0ow_JMcWzNtuzgwmOF3_gCG9sw1W1hsHBPG6mb9f9kUNA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E678 42 B
64 B 56ms
56ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFJM8m0oxGKPE15NobBMvG9sp03lc0vRQCdYCGjcJSoJYgxxRDVhK8aZAG25KBNQT_yh3WyNXRwehGfZi_WzXW7fmiMijhvXoUzw5_MjegT14zdafqA-o99rOb_OpC931xEFQo3W5mGZVBnDkV1yppV4QfrKV4uhSdwVeTWrhR95atURKj-hE&sai=AMfl-YQomxFdSducWwtCIbJVlBDAIVaGidVw84_v44U81JLBQxPvfZLHdrf1PwZ9GJT-Z0uvQBiHAt-5rKFvqncFJv8q1rd3y-WWJ24yzeYGoA759Z0jeNZqUVzCeuf3tgu4TZeuW1EYqcLUE3C56DckFA&sig=Cg0ArKJSzKcYO6r0d4yuEAE&cid=CAQSTwAvHhf_R0NJpuBm3d_AJGk3i9sl13tgJ2nMX8eNTip8Y4ic9UYulP-e4RUuClPzbukuPsmh-47crBzE9cXSv-Zwe3r4wcUrhA8hO663GFUYAQ&id=ampim&o=200,975&d=1200,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=418&tls=1418&g=63.999998569488525&h=89.99999761581421&tt=1418&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 event Show response
katzmedia.demdex.net/ 3 KB
1 KB 40ms
40ms XHR
application/json 54.77.143.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://katzmedia.demdex.net/event?d_dil_ver=9.5&_ts=1703501236951

Requested by

Host: cdn.saleminteractivemedia.com
URL: https://cdn.saleminteractivemedia.com/shared/scripts/dil.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.77.143.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-143-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b7cabde4b5989b844661859a4d4b00d20230bfbb69bccde4a65a0a47d7fd266e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wava.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-2-v054-09f0ac7a1.edge-irl1.demdex.com 3 ms
pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: cRmlhxhOQbs=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://wava.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 931
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E7C8 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssU9iIAM3_Mtt9wcJ13vi5x8xBpxNpJGqGWuPetSFyF4xHx144DrIC-F4toZHQT33ArQfrJWthDBO2vkQRcvwPEWF33m-kR2yEpn3nZvw-hrImXSFD8JDgzgsXNerJU5hArvvQwWSDFfEQQJrBTt6trTQ&sig=Cg0ArKJSzHXqjskp-E6REAE&id=lidar2&mcvt=1000&p=321,436,411,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=813501648&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703501235462&rpt=495&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: wava.com
URL: https://wava.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312070101&jk=135673100263179&bg=!fn2lfTLNAAY3kmNgF5I7ADQBe5WfOPhQHY-E-XDWpXuij4FrwDMGRL9hPgGCjfjYhx_Swv6RdMcgqroJc4NwQIY2hYG7AgAAAC5SAAAAAmgBB5kDBTBn7P2ixZU4NYVYlC3ETemdjcOekhzSGqGz2mRID1qoYVWmk_5scWSoMbLg_NtLx5JzRMwHkw0Lt57DrTXlet26XJJz0TD1kbxot07NXm51GPx6th4GoKLVtQt5WUUgA_jBNMz1i5QJFAq21_DeXdsVnoKyEvkIHiHw23yqi27JqRzrmxcfJ2qDOeeTKpYznRaolONzGp1uT_kmnuJ6kjt_e9TNF0zy3709xZ4ni9FdMQK9zifWqYWVD4I1maGiCB0cYJH7WbCnE0HPZqzVTcFEVlnFfH83DMphbujD_eSsUNXZ7lo9b_DLNdLTwKxVy147V5bpvZXkoqJ8WeCui9UQWIA9a6lVmbc50ZSd9Jskcxp1r4HP2rYzGxmijRYMPUma3377Uxqw99VSUuzPi90vQpuJc-X4lDdnTN1jHHeSN22ep1uEZis-mBV59jQ28qMwj5xsH9gEuRCJ0N5TyMYwzUvNdXpvGBlI7kcNHh8fBPPmt9nhshf8ugbykSloaO-pWAoKsJSYdG3tWkBxHC07nesVongHtojSvOoqhDFDXMwc6SHoKhS7Gs0W3YCrs7_76hR8evZKqnDeYq3uxV5dxzfxBus7sQBS6uW3ZxKz4F5B4ap0rdPq1xQRLqlHRrb1r-SVjex5cOkgpo4KVcAwxwPhK263fUFs3_TjunjtNaJNkuUweMDZ3jHc6AXARIa1DwAaDg7gePyx-Vnn51rZRHkkJh8D6-UjKri1sBecFaELhXWHlis9-MRpKCnio8DianYese59iOe76c7h-3esObS4e1f9JkBdFbOktO3o5CqWakPL-QbvN2tyw6d7SF9uHyC_Zd3iaRwIa4xNmVEFqb9K1zMydg87XvBGSQhtDjFQxfWE_4_gOi_wQGhEFcArG9UIrfnFAlrUh8e-31hOvRNDddIq2TrdcydIXlMCBfVSlh99juwwVcZYnctWSUSRTzk6X1d5QhSQiugWYvERLaDbvBbe_jZw-4nGX8AfK9OAvuNfmkJK_sKUNFiPpwnkFFaT
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C8AE 42 B
64 B 62ms
62ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyli_qFt6UUC7Z8oWItqNwgHR25fIWYxKwynvvXCuNSP7iiBCRhzjOJw7N3PZivzCozQiqpJAdRsITie7H3fHkG9gITwcpnu9-pZvldIXIqdrfDHy4ndGy8XpoBX6ha0TEPKUEXQdCVPAuWirOzrR6eOhW&sai=AMfl-YQxSY6X581b7Norv75aKILvuVNDzgeaK__8f5cjrO-qtumu3DyZeYcaP-5F6Q6d6XUXAnXNL5tm-jIWsHw8fyuGlkBZAJ2mzP76JoJahOrm0KFQiDM6ldOg2j70&sig=Cg0ArKJSzJrs9Npr3tDREAE&cid=CAQSPAAvHhf_y4XRtg7bEMXmGYnkvgDY0auDreTAPTOBDkwAYt0l1VnV2yVYyg5Kdto0ewC_whNZ3jRUZZXlMBgB&id=ampim&o=436,322&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=139&tls=1139&g=100&h=100&tt=1139&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 21ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q8YY0N65FC&gtm=45je3bt0v9119704214&_p=1703501233866&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=995915188.1703501234&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703501234&sct=1&seg=0&dl=https%3A%2F%2Fwava.com%2F&dt=Welcome%20to%20WAVA%20105.1%20FM%20-%20Washington%2C%20DC%20%7C%20105.1%20FM%20WAVA%20-%20Washington%20D.C.%2C%20VA&en=scroll&epn.percent_scrolled=90&_et=2&tfd=6373
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q8YY0N65FC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wava.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 21ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VEN16DTW8J&gtm=45je3bt0v894581662&_p=1703501233866&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=995915188.1703501234&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1703501234&sct=1&seg=1&dl=https%3A%2F%2Fwava.com%2F&dt=Welcome%20to%20WAVA%20105.1%20FM%20-%20Washington%2C%20DC%20%7C%20105.1%20FM%20WAVA%20-%20Washington%20D.C.%2C%20VA&en=scroll&epn.percent_scrolled=90&_et=7&tfd=6480
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-VEN16DTW8J&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wava.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 22ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0P2N2JLF0R&gtm=45je3bt0v9169279357&_p=1703501233866&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=995915188.1703501234&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1703501234&sct=1&seg=0&dl=https%3A%2F%2Fwava.com%2F&dt=Welcome%20to%20WAVA%20105.1%20FM%20-%20Washington%2C%20DC%20%7C%20105.1%20FM%20WAVA%20-%20Washington%20D.C.%2C%20VA&en=scroll&epn.percent_scrolled=90&_et=14&tfd=6515
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0P2N2JLF0R&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wava.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 10:47:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wava.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

222 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
click1.members.salemsurround.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 9416FAA667413FE327D831AD1343F4E7
.simpli.fi/	1970-01-21 01:58:43	Name: suid Value: 47440E3F6C204311816184C3BE820E2D
.wava.com/	1970-01-21 02:47:41	Name: _ga Value: GA1.1.995915188.1703501234
.wava.com/	1970-01-21 02:47:41	Name: _ga_Q8YY0N65FC Value: GS1.1.1703501234.1.0.1703501234.0.0.0
.wava.com/	1970-01-21 02:47:41	Name: _ga_VEN16DTW8J Value: GS1.1.1703501234.1.1.1703501234.60.0.0
.wava.com/	1970-01-21 02:47:41	Name: _ga_0P2N2JLF0R Value: GS1.1.1703501234.1.0.1703501234.60.0.0
.wava.com/	1970-01-20 19:21:17	Name: _fbp Value: fb.1.1703501234282.1860292367
.criteo.com/	1970-01-21 02:33:17	Name: uid Value: c241f7a2-09d8-4047-ba65-9fb65273c55f
.criteo.com/	1970-01-21 02:33:17	Name: receive-cookie-deprecation Value: 1
.yahoo.com/	1970-01-21 01:57:38	Name: A3 Value: d=AQABBLJdiWUCEDrSm2ussa-lEm5aBA1c2fMFEgEBAQGvimWTZeAKyiMA_eMAAA&S=AQAAAnSoAGkqGAMAcbNEUpbOxOE
.wava.com/	1970-01-21 02:33:17	Name: cto_bundle Value: zc0AF19HTHdZS0lGalYlMkZMbiUyRjJ6ZnlxdHl5S3R3Z0JabU52YVI3MDdHNEI4alRidERrUnk3Q1pUUnhPWVRLS3FZSk4zaHBYam02JTJCRkp5MTc3M1FLVUtXbGtrciUyRnFwZnNwcGRCalFnSExLS3lJcDVZc3NNRldJdUR3RlRKQnhLQ3h5WkJZQXUxalNGOGlQcG0yWGhhdjVBVXl3QSUzRCUzRA
.openx.net/	1970-01-21 01:57:17	Name: i Value: 45d1215b-45e1-438b-9a01-abc9f7270cd2\|1703501234
.wava.com/	1970-01-21 02:47:41	Name: _pnvl_v1W215PJ Value: false
.wava.com/	1970-01-21 02:47:41	Name: pushly.user_puuid_v1W215PJ Value: rJDOhXdeUvkBob1O43IMh161gjBnlkXO
.wava.com/	1970-01-21 02:47:41	Name: _pnss_v1W215PJ Value: none
.demdex.net/	1970-01-20 21:30:53	Name: demdex Value: 62989169264508439662293047501763076553
.wava.com/	1969-12-31 23:59:59	Name: AMCVS_43AD1E57612418B90A495E63%40AdobeOrg Value: 1
.everesttech.net/	1970-01-21 01:57:17	Name: everest_g_v2 Value: g_surferid~ZYldswAAANE33wOV
.dpm.demdex.net/	1970-01-20 21:30:53	Name: dpm Value: 62989169264508439662293047501763076553
.wava.com/	1970-01-21 02:47:41	Name: AMCV_43AD1E57612418B90A495E63%40AdobeOrg Value: 179643557%7CMCIDTS%7C19717%7CMCMID%7C66358181042716740701490582040596920865%7CMCAAMLH-1704106034%7C6%7CMCAAMB-1704106034%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1703508434s%7CNONE%7CMCSYNCSOP%7C411-19724%7CvVersion%7C5.5.0
.wava.com/	1970-01-21 02:33:17	Name: __gads Value: ID=a30240bc089bf7a7:T=1703501234:RT=1703501234:S=ALNI_MZ7fsMvCfQsptEbw7ppmAU8ZMtTKA
.wava.com/	1970-01-21 02:33:17	Name: __gpi Value: UID=00000d2af772687d:T=1703501234:RT=1703501234:S=ALNI_MYU4n_mkEctW1ejV7YPVkHPipP_XA
.mathtag.com/	1970-01-21 02:37:36	Name: uuid Value: 0bbc6589-5db3-4d00-9f68-a46a42649d60
.doubleclick.net/	1970-01-21 02:33:17	Name: IDE Value: AHWqTUnI2UTQ30GaW7DjayZAL-EF1SuPwXlR4uM1nPMdNsNIrZVLjy6j-LEhBAXU4M8
.doubleclick.net/	1970-01-20 17:11:44	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 19:21:17	Name: ar_debug Value: 1
.onaudience.com/	1970-01-21 01:57:17	Name: cookie Value: 0bb74476bcf3a01c
.simpli.fi/	1970-01-20 17:21:46	Name: uid_syncd_secure Value: true
.demdex.net/	1970-01-20 21:30:53	Name: dextp Value: 269-1-1703501234982\|60-1-1703501235083\|477-1-1703501235184\|601-1-1703501235284\|992-1-1703501235582\|22052-1-1703501235732\|575-1-1703501235846\|73426-1-1703501235954\|121998-1-1703501236069\|175765-1-1703501236187\|161033-1-1703501236287\|348447-1-1703501236388\|285689-1-1703501236488\|87898-1-1703501236588
.pro-market.net/	1970-01-20 17:54:53	Name: anHistory Value: "-s93lhzmrecjf+2+!#7%.&$!fCO"
.tapad.com/	1970-01-20 18:38:05	Name: TapAd_TS Value: 1703501236648
.tapad.com/	1970-01-20 18:38:05	Name: TapAd_DID Value: e59fc1dc-726b-440a-ab30-477d6e6e6c73
.tapad.com/	1970-01-20 18:38:05	Name: TapAd_3WAY_SYNCS Value:
.agkn.com/	1970-01-21 01:57:17	Name: ab Value: 0001%3AfHahT2GVYJq9Kd3htJsGa1CzLn8gVlMT
.adnxs.com/	1970-01-20 19:21:17	Name: uuid2 Value: 6538131937386532619
.adnxs.com/	1970-01-20 19:21:17	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2In3lWq/W!]tbPl1N!7On*M$=BWV'e8OMEk_m]sfQBfLi-X^ZglA8Jl#AIxdX=SGfD3P`raScS/X%W#.wL4W1Qw2BWNA@l
.adhaven.com/	1970-01-21 02:47:41	Name: uid Value: 4c_e98a8309-1f88-4843-ab7b-86020536f712
.pro-market.net/	1970-01-20 21:30:53	Name: anProfile Value: "-s93lhzmrecjf+1+1f=1+1g=1+1j=41+rs=s+rt=2A000C982050A0070002000000000005+s2=(s67xys)+vm=24-47440E3F6C204311816184C3BE820E2D:53-CAESEJNb1cCrhCqjMWjhf0b8G8Y"
.agkn.com/	1970-01-21 01:57:17	Name: u Value: C\|0AAAAAAAALRwaNAAAAAAA
.exelator.com/	1970-01-20 20:04:29	Name: EE Value: "87816c6a647ceca31e622b49499a8d34"
.bluekai.com/	1970-01-20 21:35:12	Name: bku Value: blx99nH5iVPVKxys
.bluekai.com/	1970-01-20 21:35:12	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwExlBexyHEBsBA101exp1EWT1ERhmeHe16Jame/yHEJW9y9iEx+R
.exelator.com/	1970-01-20 20:04:29	Name: ud Value: "eJxrXxzq6XKLQcHC3MLQLNks0czEPDk1OdHYMNXMyCjJxNLE0jLRIsXYZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6IhfXxUUpaQyLSopPBR8L8AYAhdgpog%253D%253D"
.1rx.io/	1970-01-21 01:57:17	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-02e4ac9c-957c-4d4e-ac0d-68628701c399-003%22%7D
.wava.com/	1970-01-20 17:54:53	Name: aam_uuid Value: 62989169264508439662293047501763076553
.bfmio.com/	1970-01-21 01:57:17	Name: __141_cid Value: 47440E3F6C204311816184C3BE820E2D
.bfmio.com/	1970-01-21 01:57:17	Name: __io_cid Value: b2151d43c88d691336de4e2cf30bac5c2ff09fcf
.targeting.unrulymedia.com/	1970-01-21 01:57:17	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-02e4ac9c-957c-4d4e-ac0d-68628701c399-003%22%7D

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/365868.gif?partner_uid=62989169264508439662293047501763076553 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/365868.gif?partner_uid=62989169264508439662293047501763076553 Message: Failed to load resource: the server responded with a status of 451 ()
security	warning	URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cadmus.script.ac/dfsb9ln9frexb/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=47440E3F6C204311816184C3BE820E2D Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=47440E3F6C204311816184C3BE820E2D Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=47440E3F6C204311816184C3BE820E2D Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ad988b387e587728ded1160d3ba9f640.safeframe.googlesyndication.com
adobe.adhaven.com
ads.scorecardresearch.com
bcp.crwdcntrl.net
cadmus.script.ac
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.p-n.io
cdn.prod.uidapi.com
cdn.saleminteractivemedia.com
ce.lijit.com
click1.members.salemsurround.com
cm.everesttech.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d.agkn.com
dp2.33across.com
dpm.demdex.net
eb2.3lift.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
feff1efe59aefc54cfc572719039269b.safeframe.googlesyndication.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
heysaltylady.com
i.clean.gg
i.simpli.fi
i.swncdn.com
ib.adnxs.com
id5-sync.com
idpix.media6degrees.com
ids.ad.gt
idsync.rlcdn.com
invstatic101.creativecdn.com
katzmedia.demdex.net
loadm.exelator.com
ml314.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pbid.pro-market.net
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
region1.analytics.google.com
region1.google-analytics.com
s.ad.smaato.net
s.yimg.com
salemlivechat.com
securepubads.g.doubleclick.net
sim-cms-public.azurewebsites.net
simplifi.partners.tremorhub.com
sp.analytics.yahoo.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.intentiq.com
sync.mathtag.com
sync.targeting.unrulymedia.com
synchroscript.deliveryengine.adswizz.com
tag.simpli.fi
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
wava.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
xp.audience.io
13.248.245.213
13.77.83.246
130.211.16.234
141.94.171.212
162.19.138.117
172.217.18.2
172.64.152.89
18.165.183.10
18.172.242.100
18.239.69.49
18.239.83.126
18.245.60.76
18.66.112.48
2001:4860:4802:32::36
2001:4860:4802:34::36
205.234.175.175
212.82.100.181
216.52.2.91
2600:1901:0:8eee::
2600:1f18:612b:4216:4325:b598:a92b:8a38
2600:9000:2250:8400:a:e047:753:a221
2600:9000:25a2:ec00:1b:5138:8a40:93a1
2606:4700:10::6816:3556
2606:4700:10::6816:445
2606:4700:20::681a:cc
2606:4700:20::ac43:49d1
2606:4700:4400::6812:2412
2606:4700::6810:5814
2606:4700::6812:1691
2a00:1288:80:807::1
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:400c:c06::9b
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::649
3.125.137.228
34.102.146.192
34.111.113.62
34.117.77.79
34.120.135.53
34.241.138.233
34.95.69.49
34.96.70.87
35.204.158.49
35.234.162.151
35.244.159.8
35.244.174.68
37.252.171.52
46.228.174.117
52.17.242.240
52.70.125.191
54.171.212.97
54.216.91.216
54.77.143.29
54.78.254.47
67.202.105.23
68.183.113.21
69.169.85.6
69.173.144.138
69.192.160.219
74.121.140.211
74.214.203.11
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
0193a740f168befc2f489b960df677ce7d24defb63eade6a5354d92d2f990ec6
053a6f03941f31f2014f86dc23ff65b80c31929f6a6fc4b00b500201bb3cc57a
059291739739a339aeed9bd7f3df6486b8f564a1cd7a1496b46b7aac340c3865
05e5a37cca6a31066fd8805c238c64e49fa056f0a5d7f9e19aff5c70b35f3394
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0860756e4fc47130fc93aa7edca1801f10b8c916b191f71161502971088401e3
09327fad8fb84516dec403165351b9af1b86b7d01a083678afdec34d33875d58
09508383c9f0284e0d011860afd8e225ab09a7d9660df76a8faa1faa06c5a311
096c48cfe3db87948779f2cdf5dbd2a24bb9dfdd86564d49c94bb9fe1cddc743
0a1eef0b52b81a2860caca1710158372941d85f14b6db557b99da6d8cdec1f51
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0e1b1f3aebcd5d6ab7f88b41fb904afffc8751bdb841e5bc850760834782407a
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fd63111612f20cd4b65c93e262295a6306065f66fb2961957dcb08d5ddb1e4d
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
12bdc5d4cadcdb794b13b4cd1cfb46b2bebdd9b7555696affe453ef4031a8eae
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a4b8d43e1382631eaf7b9ec13bfbd07740a5343fdb6708be12c5f85bb42a21
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1951f0a1372aaa26756835bb48dd597c23ab25ed33e5f2e9f83f04431749974d
19d94007e00a0252f63b08cb935ebb0769d772ec2c41e37f2a2963c78ad68074
1db941e0511296c5c712e79132a2edcd711d71cc5689201e99436f62e0799751
1ff99850cd842b964dc23a434e8942a21627d7251cff903e10cb76698e8b7e9b
212fdfad718a69574e512f9f185792de8d7cc2725f259092a4cfe2306c7515ca
27b65ea8c6cceebb6e32225e0dacd973a6358953d5c3b55841a685eb0a12d055
285b79bb40030e20d8c54cd58eb93466d0107ac1e0a7af9b6fbbc549ca51c08a
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f46f34e55177a47695917bac03083369faba890b9aac00ff75d89ed5e8855b9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31c63be81df1d31ef5785e799382c632c4e78b57a87f824ef1d2578b3f548c66
31d22c7bed97844a69b8dafdeb37089ca007dab2a9769baf74659801e792a605
31e0826fa61406dc51c842856e849e75aefa68932a1ed9f8b909337990cacd23
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3363244739b541208e3a660d913296de1cc4092818cc758bc4e180c8ae66fc44
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38275885fb99d160c29d531207b23c29bb2e4b23250d60ecc8856e33e95cae32
3852aff712945cbe6ce88dfa8eb4424832943e183977656fe36d25621a48feaa
38e9596b7eeeb5ff555a25041cc5c87042ac435ad533b95dfa49e27fe4c4bbfa
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c6531c44a2cf946366523fe9493d6f52e51c13372b0244dc46e8dfa4d7ae86b
3cbacddde7300222bde23de6eccfb8f4ecbdaf23a7a8c632c18a722202d28293
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4786da47dbeb4d4225a727e2fef3542b5cd3c6e0f68ceb40e2e64f122ab20618
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
48b19a51afdcbc8fb8e131cb3e187e9e32db78bebae13561db1cd0c9b197a628
499772113273b494253c46f6621dcbdfb4faacdc61d036933e9e9324ebe76dee
4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f
4b362acd68b679ff4523e6a9e5c081f4c41d385704d0e2fe048665c2017d0511
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3a3342e8fce37ddb44ab05612a06bf69d7dc95385f81eb37ab44af6c234124
512981cf5cec215c8ce551bacc20c1138991a6c2fedb05337d184a5aeaf707a2
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
588133c793503d8e894dd83e66971a0021c12acefe6003c60e2faa40948d09b9
5d331bdb003525f9cbfba474558634f22082fd5b6c6f266aa09763f4027a1da8
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6568273e9d257a19332421d7a519b3ae0f8a564e76aca9f603e848521f341db7
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
693e536e33456961246fdd5d9488af2bcbd1900ad8f72787488ef466a60126c1
6adeac8be77fa163d3175150d14cedbabe97e2772a674ae1021213259ab04d5d
6afc5d99e5c7d366e9734f175abbd5c000889b4faf9abc504832b3d6c242c36c
721d7cffc9278133fb51e6d9f6e88c803770a2ec1250e45fb92ef51fdc3b19d7
72a6e0c646aac2e2aa4a07c1df0d65192bf4698a69f0295723a20269f5f98b50
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
752c8ef1ac11124452580f1e5c8c017341e0d1054638d10bda53e43213f547e3
752e96d467e756ecd88ce70bca90083a57c786382d415ca2d31dbc65b90c846e
75eca9b2cf8d475151692fb6cc47c2c1b7b48f2ee253c2ab5dca95aad8f15ab7
77fc22a31c646a73f49be350a30b611430f556615a62cd157e14ec50e338e9e8
7b6ad6159704469de9025f78f86a21acae5e9c73202de9e7e5ab7a85cb51d040
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cecf563ff97e13a289e075893188b47491ea5b40b9681dc3e7964850edf6b0e
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
83602acd282ca2b68834289460e4b8a0308d8036b5162fe7e2914c451d4eadbd
843245d38197c1ae733406b6faeda0f9b53376d8853df5d513a880489c822166
8aa3d35746ef3e1eb3030a3c31506846fb2ed31b84f581bfdac36d539a4d3fbe
8b6e985dacbc7b1bc435f1056fa32b8dbfe6cd2db59df58a5d7918fe47da8204
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9317301f8c7e782d789dc2c5c7eeef2242be13598448eea1e839180ced922a5d
96b55fc8861330f9232a77894c2d4dc75cabe75859bf489432212f32001007ea
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
986841307db09386ceafe253761bb5afc8446769548317550d4e520a9028bdee
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9cca86ed04972c1c733afb4d2fef5bb212b864b9a3b3b14dcd32d215b72fb2b3
9d86d539082126ed1bac1cf976cae08f05469707a250b89665baf97b2a6508df
9e55979958f32733f64f70149f23b6d92aa83a65cfe031c1883b8963ae461842
9e64d6aa3d2fd0e9af76f52e640e4cef153a52ccfc38bf67f39dfc6b88c54c40
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0855004f4091e6a2a4adb87058b4e0b9aa02de9e6c236d9a521be22943fa43e
a209e3f03b7288042d3a4bde7b9f78eaf06a899315d4a7138e371af6279989ff
a22ce1e08fd2ba8b47f0e4db8dd62b98526d37e96bcf558061b112ab0fd3b5b3
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a55286fcc878a71dd2b44f549a39a97332aff7bfd8a8e77f1e2ef7219aeb7faf
a599549523e1d68efff4617e197beb56aff53b3ca7576690e34d3a90d23c278f
a77fa6201109ac0d9655ae7b8ce65e345fc60ef320fde77febca102a5bbfc8c0
a82c69945172ac0b874255f62efccf5c5550a2d53cec3c4c37ed4e80099b798c
a9c4b0e01dafee14e20818adbd6ea59f6c0e547f804ca56109b1b16e946ca781
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
af62c27f0966dba7d5378474ed00df607ee9d622637d5759f0da2c1003359d80
afdba2bdc2847d665dff96aab3323dc18c94c61e0c2b4bf67d10d670af44c30c
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b517812fa526b7f83a287a3fb56a0b2feff15bbf15d81d9da93b17eabde5bfdb
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5a1c8b0ac1fd44b0b494bd51cbf0d303410e4ae2d7827b1059d9013e673dc7b
b7cabde4b5989b844661859a4d4b00d20230bfbb69bccde4a65a0a47d7fd266e
b7e9855abffcf911c5d45ecac366d14f2f62ffe22255f61c5098edd48e49425a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc6e6513396b5fd53b33e31d77ff032f616870ecb930e41768f9dc0c8684e2a3
bee03ff2d8109861f8ef2a448b8c841538e03d83cd52a1cf9129d2f4d2f676e7
c08d70384a42fc7c88957773a0a5b2d2a9b50ae3a7e3955838c613653f558a4f
c0ba39c961c040f5047336cf91ff4debb32d0b87952f96c092f6290a7e14c219
c1482a9f75ba2e56f74e6084fe1e9ebfcb5c9054f7ab533c1973d45049f1c258
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c60bb4ab3dddedd4afb6c16f8ccb89f6cfdb6676014da18669318a15f67e1ca4
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
cc6055af04ba8bda7a8a435e032c367aca20d10f41613cdbab3ae9bbe47178ba
cc6d18fd6888f399d6b9d2a532c2f17ab893ed472c02adf5b6386d082531ad3e
cd15389ad5ea417d930260a6273f7eda00fb8c4448de99eb6f4eafa32c08050e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d2c7d6aeec6d474a3549f1130375659559c68aeb97c9896d44fb7b54c99e55ed
d56dd83d0ad1d21a8e1c1f5c82ac1ebe16073a13c87dbfe38784140ef0daf4fe
d610218a7547090c39359a77303c58a4eaf7ccf19ce108fe395439dc7d4121a5
d6f3280b7afb3096ad2c19bacfe5eedd55d3b4434dd98f855430e13f40a767bc
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
d96f6763a577fd83207f571f346b5604dceadfacf55f925e1146f71b8e9fff7b
dcda158b52439c44392cb6bd82bae4eda6d9b32174c00effa046405d25f9deab
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
e03be07ff491f40cd345d017545075718438fee1e5d3f7b9e36d08a0f9bbc9f2
e30feafcd25ddef80852b736f1d589a7b3ece7d00b045e0e68b7479f4a70fd5a
e325796ceb56d0164e6607348f32959ae812b01bac478a7869975e5bfeb3eaf6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ebf3f5cd95bfb55a38133898af32e78e9a34feed8484a795249d9c69f247eb8a
ec117a86e37ce5d803887e844fd859f9380d3c825793279d7602e75cd7423e93
eec6ff2ba1158bf01ded31b225e89dd731c695b3ffecfd48d25eea23fea56fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5547abcac6b6fa25cad736e29f7697596d1559ea35fba1a14c0c3e76d42fea7
f5651c35759d1f04456526e28c5768d622966c565eb311c7d9a207715ee9ec44
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5efd508ab758291f1622f3652fb2828e6d5e3dbf5a1cdf0e1adbabf6ee5e163
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f83145ac5681047a7b35251a24baea48a70183e8771e6156308d1c2447bb4284
f8d27a2c90705530c94c11f296470700abb6dd12d1ec4a020e63aa6c239afe1d
f90c6aceb567730b5098e5862c5c03fe86921ab2b373ebff9b38ff5b02d805bb
f9a299361bf7b630d53ab36b7773f4a0b640859645a389eed3d48fb793cd23e3
fca0e551889966bfd7bc17973749671b1e85b15360dfb8c0ca4db65440ea438e
fd36efcf78709ea7b1c63910c50f2ff8906a35f0a8fc4bda6f14bf569fed51fe
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

wava.com Open in urlscan Pro 2606:4700:20::681a:cc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

255 Requests

85 %HTTPS

44 %IPv6

65 Domains

87 Subdomains

66 IPs

7 Countries

5027 kBTransfer

10528 kBSize

48 Cookies

19 Outgoing links

Page URL History

Redirected requests

255 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wava.com Open in urlscan Pro
2606:4700:20::681a:cc Public Scan

Screenshot
Live screenshot

Full Image

255
Requests

85 %
HTTPS

44 %
IPv6

65
Domains

87
Subdomains

66
IPs

7
Countries

5027 kB
Transfer

10528 kB
Size

48
Cookies

255 HTTP transactions
12 data transactions