www.phrasemix.com Open in urlscan Pro
2606:4700:3037::6815:50f3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.phrasemix.com/
Submission: On October 13 via api (October 13th 2021, 7:46:09 am UTC) from US — Scanned from DE

Summary HTTP 109 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 32 domains to perform 109 HTTP transactions. The main IP is 2606:4700:3037::6815:50f3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.phrasemix.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 21st 2021. Valid for: a year.

This is the only time www.phrasemix.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3037::6815:50f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
12	13.32.23.87 13.32.23.87	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.65.131 151.101.65.131	54113 (FASTLY) (FASTLY)
2	2606:4700:10:... 2606:4700:10::6816:f17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	18.211.226.152 18.211.226.152	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	199.232.194.49 199.232.194.49	54113 (FASTLY) (FASTLY)
1	65.9.66.64 65.9.66.64	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	54.234.151.247 54.234.151.247	14618 (AMAZON-AES) (AMAZON-AES)
4	23.20.158.212 23.20.158.212	14618 (AMAZON-AES) (AMAZON-AES)
12	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.1.182.12 3.1.182.12	16509 (AMAZON-02) (AMAZON-02)
1	52.40.160.59 52.40.160.59	16509 (AMAZON-02) (AMAZON-02)
1	52.26.206.111 52.26.206.111	16509 (AMAZON-02) (AMAZON-02)
1	54.187.25.111 54.187.25.111	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1 9	35.164.229.85 35.164.229.85	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 2	52.16.214.249 52.16.214.249	16509 (AMAZON-02) (AMAZON-02)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	54.189.240.181 54.189.240.181	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
109	38

4 2606:4700:3037::6815:50f3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.phrasemix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.32.23.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-87.fra56.r.cloudfront.net

d356qujqspw52j.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.131 (United States)

ASN54113 (FASTLY, US)

7760d55467f94f668aa04c2682895436.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:f17 (United States)

ASN13335 (CLOUDFLARENET, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.211.226.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-226-152.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States) 1 redirects

ASN54113 (FASTLY, US)

go.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.64 (United States)

ASN16509 (AMAZON-02, US)

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com

reporting.powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com

hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.1.182.12 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-182-12.ap-southeast-1.compute.amazonaws.com

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.40.160.59 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-160-59.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.26.206.111 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-206-111.us-west-2.compute.amazonaws.com

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.25.111 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-25-111.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.89 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.164.229.85 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-229-85.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.214.249 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-214-249.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.189.240.181 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-189-240-181.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	324 KB
12	ad.gt 1 redirects a.ad.gt p.ad.gt ids.ad.gt pixels.ad.gt	17 KB
12	cloudfront.net d356qujqspw52j.cloudfront.net	2 MB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	79 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	92 KB
5	google-analytics.com ssl.google-analytics.com www.google-analytics.com	40 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	95 KB
4	pubmatic.com 2 redirects ads.pubmatic.com image2.pubmatic.com	114 KB
4	brainlyads.com hb.brainlyads.com	304 KB
4	powerad.ai powerad.ai reporting.powerad.ai	38 KB
4	phrasemix.com www.phrasemix.com	728 KB
3	google.com adservice.google.com www.google.com	2 KB
2	facebook.com www.facebook.com	460 B
2	openx.net 2 redirects u.openx.net	876 B
2	facebook.net connect.facebook.net	172 KB
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	962 B
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	googletagservices.com www.googletagservices.com	75 KB
2	google.de adservice.google.de	1018 B
2	hellobar.com my.hellobar.com	80 KB
2	ubembed.com 7760d55467f94f668aa04c2682895436.js.ubembed.com assets.ubembed.com	48 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	70 KB
1	nr-data.net bam.nr-data.net	322 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	mathtag.com 1 redirects sync.mathtag.com	652 B
1	sonobi.com sync.go.sonobi.com	478 B
1	aufp.io aufp.io	3 KB
1	zprk.io pixel.zprk.io	3 KB
1	googleadservices.com partner.googleadservices.com	676 B
1	disquscdn.com a.disquscdn.com	1 KB
1	disqus.com 1 redirects go.disqus.com	234 B
109	32

	Domain	Requested by
13	pagead2.googlesyndication.com	www.phrasemix.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net www.phrasemix.com pagead2.googlesyndication.com tpc.googlesyndication.com
12	d356qujqspw52j.cloudfront.net	www.phrasemix.com
9	ids.ad.gt	1 redirects www.phrasemix.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	hb.brainlyads.com	powerad.ai www.phrasemix.com
4	fonts.googleapis.com	www.phrasemix.com googleads.g.doubleclick.net
4	www.phrasemix.com	www.phrasemix.com
3	www.google-analytics.com	p.ad.gt www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	www.phrasemix.com
2	u.openx.net	2 redirects
2	connect.facebook.net	p.ad.gt connect.facebook.net
2	match.prod.bidr.io	2 redirects
2	cm.g.doubleclick.net	1 redirects www.phrasemix.com
2	image2.pubmatic.com	2 redirects
2	match.adsrvr.org	2 redirects
2	secure.adnxs.com	2 redirects
2	ads.pubmatic.com	www.phrasemix.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	reporting.powerad.ai	powerad.ai
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	ssl.google-analytics.com	d356qujqspw52j.cloudfront.net www.phrasemix.com
2	powerad.ai	www.phrasemix.com powerad.ai
2	my.hellobar.com	www.phrasemix.com my.hellobar.com
2	maxcdn.bootstrapcdn.com	www.phrasemix.com maxcdn.bootstrapcdn.com
1	www.google.com	tpc.googlesyndication.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.phrasemix.com
1	pixels.ad.gt	p.ad.gt
1	sync.mathtag.com	1 redirects
1	sync.go.sonobi.com	www.phrasemix.com
1	p.ad.gt	a.ad.gt
1	aufp.io	a.ad.gt
1	a.ad.gt	www.phrasemix.com
1	pixel.zprk.io	powerad.ai
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	assets.ubembed.com	7760d55467f94f668aa04c2682895436.js.ubembed.com
1	a.disquscdn.com	www.phrasemix.com
1	go.disqus.com	1 redirects
1	7760d55467f94f668aa04c2682895436.js.ubembed.com	www.phrasemix.com
1	ajax.googleapis.com	www.phrasemix.com
109	44

This site contains links to these domains. Also see Links.

Domain
learneng.xyz
speedypaper.com
www.mercurynews.com
essaypro.com
writepaperfor.me
englishclass101.com
www.lingoda.com
writingmetier.com
www.topwritersreview.com
www.advancedwriters.com
bestessayservicesradar.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-21` - `2022-06-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.powerad.ai Go Daddy Secure Certificate Authority - G2	`2021-08-13` - `2022-09-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
assets.ubembed.com Amazon	`2021-03-06` - `2022-04-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
hb.brainlyads.com Go Daddy Secure Certificate Authority - G2	`2020-11-23` - `2021-12-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.zprk.io DigiCert TLS RSA SHA256 2020 CA1	`2020-12-11` - `2021-12-15`	a year	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
aufp.io Amazon	`2020-12-26` - `2022-01-24`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-23` - `2021-10-21`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.phrasemix.com/
Frame ID: F91051ECDDE42822F151D13D91B68B1F
Requests: 69 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Frame ID: 25CB2C32CD43AD2FFB119785A29DB901
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6236052209137486&output=html&adk=494550554&adf=3127182129&lmt=1634111162&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.phrasemix.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634111161987&bpp=2&bdt=414&idt=166&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=884844623892&frm=20&pv=2&ga_vid=127411703.1634111162&ga_sid=1634111162&ga_hid=1718587924&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063045%2C31063047%2C44751036%2C31062370%2C31062944&oid=2&pvsid=1241312915660626&pem=356&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=185
Frame ID: 095B9EE64EC7D998F9A3D63E3B1DF7BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6236052209137486&output=html&h=280&slotname=7770631853&adk=3447636909&adf=2460386197&pi=t.ma~as.7770631853&w=1200&fwrn=4&fwrnh=100&lmt=1634111162&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.phrasemix.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634111161989&bpp=2&bdt=416&idt=195&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=884844623892&frm=20&pv=1&ga_vid=127411703.1634111162&ga_sid=1634111162&ga_hid=1718587924&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063045%2C31063047%2C44751036%2C31062370%2C31062944&oid=2&pvsid=1241312915660626&pem=356&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glrUBps8do&p=https%3A//www.phrasemix.com&dtd=201
Frame ID: 6E99935C7B80CDD30AC5E740F5DFCB59
Requests: 15 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Frame ID: 84B28986C4F0ECFC0A25B7848FE14D85
Requests: 3 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Frame ID: 4F037A95AB4CAA1FCD556397466F24D3
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Frame ID: CC8A0C0F371ECDF16BCFDEB3F7A6EE2C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7BCA7A71D65B71099F98E690708E910B
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4DA354F7DA4FE14D8830575BFBA67614
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Frame ID: DF9DAD52A6EB56AD9AF03216923AA697
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0AD2B43D4CB2866E59724C27A161FFA5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C139F60DDE77F4B10DCB9A2008CE273E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Learn English Speaking & Grammar like Natives with PhraseMix | PhraseMix.com

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

109
Requests

100 %
HTTPS

41 %
IPv6

32
Domains

44
Subdomains

38
IPs

6
Countries

4555 kB
Transfer

7369 kB
Size

49
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://learneng.xyz/headertakequiz
Title: Free English Fluency Quiz

Search URL Search Domain Scan URL

URL: https://learneng.xyz/planstraffic
Title: Learn English Phrases

Search URL Search Domain Scan URL

URL: https://learneng.xyz/rootpagestartbutton
Title: Get Started »

Search URL Search Domain Scan URL

URL: https://speedypaper.com/
Title: Essay helper

Search URL Search Domain Scan URL

URL: https://www.mercurynews.com/2021/09/08/the-6-best-college-essay-writing-services-online-review-of-popular-paper-sites/
Title: Top University Essay Writing Service Reviews

Search URL Search Domain Scan URL

URL: https://essaypro.com/do-my-homework
Title: do my homework

Search URL Search Domain Scan URL

URL: https://writepaperfor.me/
Title: Write my paper for me

Search URL Search Domain Scan URL

URL: http://englishclass101.com/
Title: English Class 101

Search URL Search Domain Scan URL

URL: https://www.lingoda.com/
Title: English Learning Services

Search URL Search Domain Scan URL

URL: https://writingmetier.com/thesis-writing-help/
Title: Thesis writing help

Search URL Search Domain Scan URL

URL: https://www.topwritersreview.com/top-10-essay-writing-services/
Title: TopWritersReview

Search URL Search Domain Scan URL

URL: https://www.advancedwriters.com/
Title: Professional Essay Writers

Search URL Search Domain Scan URL

URL: https://bestessayservicesradar.com/best-essay-writing-service-reddit/
Title: Find an essay writer on Reddit

Search URL Search Domain Scan URL

URL: https://learneng.xyz/internalpop90s

Search URL Search Domain Scan URL

URL: https://learneng.xyz/internalpop30s

Search URL Search Domain Scan URL

URL: https://learneng.xyz/internalpop15s

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://go.disqus.com/count.js HTTP 301
https://a.disquscdn.com/count.js

Request Chain 82

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=a4ab7443-0ce1-4654-9797-d2594d01fbb3&adnxs_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3Da4ab7443-0ce1-4654-9797-d2594d01fbb3%26adnxs_id%3D%24UID HTTP 302
https://ids.ad.gt/api/v1/match?id=a4ab7443-0ce1-4654-9797-d2594d01fbb3&adnxs_id=8198759355348003966

Request Chain 83

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=a4ab7443-0ce1-4654-9797-d2594d01fbb3 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=a4ab7443-0ce1-4654-9797-d2594d01fbb3 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=871a21da-bea2-4018-b2cf-d50d0a21bd54&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3

Request Chain 84

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Da4ab7443-0ce1-4654-9797-d2594d01fbb3 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Da4ab7443-0ce1-4654-9797-d2594d01fbb3 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=E3DF2D4E-1F60-48F6-B147-D214D57D518C&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3 HTTP 302
https://ids.ad.gt/api/v1/g_match?id=a4ab7443-0ce1-4654-9797-d2594d01fbb3&google_gid=CAESEByyIcIvkrwwHlrLvH99Juw&google_cver=1&google_ula=450542624,0

Request Chain 86

https://ids.ad.gt/api/v1/g_hosted?id=a4ab7443-0ce1-4654-9797-d2594d01fbb3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YTRhYjc0NDMtMGNlMS00NjU0LTk3OTctZDI1OTRkMDFmYmIz

Request Chain 87

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=a4ab7443-0ce1-4654-9797-d2594d01fbb3 HTTP 303
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=a4ab7443-0ce1-4654-9797-d2594d01fbb3&_bee_ppp=1 HTTP 303
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAETGE7CzR0AAGdnqnSYAw&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3

Request Chain 89

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3Da4ab7443-0ce1-4654-9797-d2594d01fbb3 HTTP 302
https://ids.ad.gt/api/v1/mediamath_match?user_id=7b926166-8ebb-4300-bf9d-540e8f7d3a43&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3

Request Chain 95

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl%26auid%3Da4ab7443-0ce1-4654-9797-d2594d01fbb3 HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl%26auid%3Da4ab7443-0ce1-4654-9797-d2594d01fbb3 HTTP 302
https://ids.ad.gt/api/v1/openx?openx_id=22a662a5-82e5-44fd-a032-e11966f72c87&id=02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl&auid=a4ab7443-0ce1-4654-9797-d2594d01fbb3

109 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.phrasemix.com/ 32 KB
12 KB 370ms
349ms Document
text/html 2606:4700:3037::6815:50f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.phrasemix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:50f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e3731af076ca9c4d0fc2636f66175e8b0d824c79438e4a60972ea06889f578c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.phrasemix.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 13 Oct 2021 07:46:01 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=0, private, must-revalidate
set-cookie: _phrasemix_app_session=RkVOUVFoNjBUdldRbXBOWTFBUVliNTlVRWt2aVBJaUhQbEI5ZUJCTlNvZXNRU2pmdVpNY21uYWFkOXRIS1FEaHZHUmZTaW9RWmRXSHRHN3U2QWswbkl3cTJacVpOQ2xhUk9ueXMvOXJZbEFueFpiK1BseVpuSUgxWTc5THo4UzU2M0RUQWExNG9Jam1PeC9tSzZlTzZzNkU1eEtlUTVlN1VSQUorVnl2VkoveXd4VytDYU14VEVlSnQrSk1CM2M5LS0rV0NQNTVoZ253K2syREg2U3RUMll3PT0%3D--e5da8b91a1a8904805bf1b31b6d049412f381ae8; path=/; secure; HttpOnly
x-request-id: a08bfa30-c107-4602-ad4a-0f47a793feaa
x-runtime: 0.017465
x-rack-cache: miss
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwfLyMek4bcoHWtLlmSegCMFFjcN%2FyKVYeb4pCVKgnYu8wFQUJKT730Bw71yibWS1Z5%2FygUFJgk5AN3lvJvyQTH1rwHYS1ranu9K7X%2FnWhms79cdfotgrlVr2R%2FOaCf8hHp3Ox0vvAsA4Z9GQPoL2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69d6f3a5ada742cf-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 42ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Yanone+Kaffeesatz:400,300,700

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

389afe573ac58acb154e162f131eb682a89a038187151b22d339015769088d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 07:46:01 GMT
server: ESF
date: Wed, 13 Oct 2021 07:46:01 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 07:46:01 GMT

GET
H/1.1 200
OK application-555c1c51a8840743c8be236e267ba81918a6fe909b1d41ae4b7ea6d7511b1cca.css
d356qujqspw52j.cloudfront.net/assets/ 859 KB
859 KB 69ms
8ms Stylesheet
text/css 13.32.23.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d356qujqspw52j.cloudfront.net/assets/application-555c1c51a8840743c8be236e267ba81918a6fe909b1d41ae4b7ea6d7511b1cca.css
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 555c1c51a8840743c8be236e267ba81918a6fe909b1d41ae4b7ea6d7511b1cca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 29 Jan 2021 08:24:00 GMT
Via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
Age: 22202522
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 879239
Last-Modified: Thu, 30 Aug 2018 04:11:01 GMT
Server: AmazonS3
ETag: "591d2942b7a5d54d5fc8192b56c7b2e0"
x-amz-version-id: af_PyAkSK26CzEaQMDSeml7G1fRTb1qA
Cache-Control: public, max-age=31557600
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Type: text/css
X-Amz-Cf-Id: rZ8j0HI66ri2yQy-LA08yNNZmNVxU95-6klOqTE6BG2x9_Nj3_6xew==
Expires: Fri, 30 Aug 2019 10:10:59 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 21 KB
6 KB 40ms
21ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 718, 718
age: 7090471
cdn-cachedat: 2021-06-08 19:43:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 826015182bf313ed4c2920e4fa4ca3d6
cf-ray: 69d6f3a80857c2d6-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
92 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 20:10:18 GMT
x-content-type-options: nosniff
age: 41743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93636
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 12 Oct 2022 20:10:18 GMT

GET
H2 200 / Show response
7760d55467f94f668aa04c2682895436.js.ubembed.com/ 481 B
713 B 43ms
8ms Script
application/json 151.101.65.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://7760d55467f94f668aa04c2682895436.js.ubembed.com/
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ee691834cd21dd88d42ba9076ea09a72b7c5b3159cb5267c8de9823e984f8331

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:01 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 3409
etag: af2c9c40de92d4b21a1423b609f2e037-v0.179.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA56-C1
accept-ranges: none
x-amz-apigw-id: HIkoVEgUDoEFZ3Q=

GET
H2 200 85dbc86271218137892442cfddd92e7c18db0fac.js Show response
my.hellobar.com/ 41 KB
7 KB 65ms
20ms Script
text/javascript 2606:4700:10::6816:f17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/85dbc86271218137892442cfddd92e7c18db0fac.js
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28038f4282c2f53686989b9e102cca1158ebf4da698ba72ce5d42683599865bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Oct 2021 16:56:16 GMT
server: cloudflare
age: 0
etag: W/"f42f1a7595549dcfbf2847f0d81fff65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray: 69d6f3a95e5b16ee-FRA
x-amz-request-id: ZF4Z3KX45TAZ20RF
x-amz-id-2: hudsF1KEfUzwGsq0pUo1VXVeorRLpCV+JkqEzKgC7Q0MAEZ0qoZL0tzCOii8Ntb02KU7rwqFOhU=
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 72ms
44ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d5d49d647f097e0eb5965d7236bb06044421530e3729c4f9383d75ede2444fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51385
x-xss-protection: 0
server: cafe
etag: 15691315648284288164
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 07:46:01 GMT

GET
H/1.1 200
OK script.js Show response
powerad.ai/114739018710875/ 170 KB
35 KB 662ms
196ms Script
application/javascript 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/114739018710875/script.js
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 63721156438c4a8fad96c6cb93099d8a59e94706abc4bf0c391b393cff33aa9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 07:46:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Oct 2021 13:53:49 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"2a930-17c74c7e505"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK application-af48c692bf8304446977210f89fc4f1253ffdd85bf106904cea73102ebf149ad.js Show response
d356qujqspw52j.cloudfront.net/assets/ 829 KB
830 KB 68ms
8ms Script
application/javascript 13.32.23.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d356qujqspw52j.cloudfront.net/assets/application-af48c692bf8304446977210f89fc4f1253ffdd85bf106904cea73102ebf149ad.js
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af48c692bf8304446977210f89fc4f1253ffdd85bf106904cea73102ebf149ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 03:28:30 GMT
Via: 1.1 2e4a0520ad8fe16707823b20e9441e09.cloudfront.net (CloudFront)
Age: 21010652
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 848888
Last-Modified: Thu, 30 Aug 2018 04:11:27 GMT
Server: AmazonS3
ETag: "03606b700faf1414c24ccb7252350f80"
x-amz-version-id: cl2sUXm_eeMnfxOhwAXT_.DyrZdswPrq
Cache-Control: public, max-age=31557600
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: A1XZij3Ulp04ZlbOdW7RCsBKN_7iiOG02BF3dOmbh85_MHwR2oPefg==
Expires: Fri, 30 Aug 2019 10:11:25 GMT

GET
H/1.1 200
OK logo.png
d356qujqspw52j.cloudfront.net/assets/ 6 KB
6 KB 11ms
8ms Image
image/png 13.32.23.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d356qujqspw52j.cloudfront.net/assets/logo.png
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ce4533500502dab8526ed09b242ae6894e9e08d7a1b3b2e40702158f2a6c64b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
Via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Feb 2016 04:36:38 GMT
Server: AmazonS3
Age: 19898
ETag: "bff6e442efe31f0a6cff8fe68ab1fb56"
X-Edge-Origin-Shield-Skipped: 0
Content-Type: image/png
Connection: keep-alive
Date: Wed, 13 Oct 2021 05:04:56 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 6068
X-Amz-Cf-Id: FYhP4DcKdsyBtECealiUcF_W_bqC-uCjhSm-G7ZqFN_VqtV-I-5CnA==

GET
H/1.1 200
OK header-1.jpg
d356qujqspw52j.cloudfront.net/img/original/ 220 KB
221 KB 12ms
8ms Image
image/jpeg 13.32.23.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d356qujqspw52j.cloudfront.net/img/original/header-1.jpg
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6ddf404210d9c94de1d600a05405c5d59ccde7a6cc9f86427a1cbf50ce89569

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
Via: 1.1 2e4a0520ad8fe16707823b20e9441e09.cloudfront.net (CloudFront)
Last-Modified: Mon, 08 Feb 2016 23:45:12 GMT
Server: AmazonS3
Age: 67626
ETag: "13dcbd17ac16d18fe913237c0dd4aff7"
X-Edge-Origin-Shield-Skipped: 0
Content-Type: image/jpeg
Connection: keep-alive
Date: Tue, 12 Oct 2021 12:58:56 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 225778
X-Amz-Cf-Id: a3J3lezs-mlultQcSbGFQNu39iF1bTsfV0lvaOtkTbn1F6EfP-cXlg==

GET
H/1.1 200
OK successful-in-the-city.jpg
d356qujqspw52j.cloudfront.net/img/original/ 11 KB
12 KB 22ms
9ms Image
image/jpeg 13.32.23.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d356qujqspw52j.cloudfront.net/img/original/successful-in-the-city.jpg
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 453674eeddb89fe49c4ac962a228b61804d969c930d74b8d787f70eb87ae65a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
Via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
Last-Modified: Sat, 13 Feb 2016 18:24:22 GMT
Server: AmazonS3
X-Edge-Origin-Shield-Skipped: 0
ETag: "bd80b593f0c905dc6edfd6eccb6f313f"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Date: Wed, 13 Oct 2021 07:46:01 GMT
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 11392
X-Amz-Cf-Id: rwap7oBP2IPr0u00zZclpeU-_IjroFej_3aLHAjUrKcdlPMuwv4bUQ==

GET
H/1.1 200
OK boring-class.jpg
d356qujqspw52j.cloudfront.net/img/original/ 12 KB
13 KB 22ms
8ms Image
image/jpeg 13.32.23.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d356qujqspw52j.cloudfront.net/img/original/boring-class.jpg
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 549b3973c0a8893e3be6a7bc5c800b769d1efb25ed3e5a0c261f43086719e451

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
Via: 1.1 2e4a0520ad8fe16707823b20e9441e09.cloudfront.net (CloudFront)
Last-Modified: Sat, 13 Feb 2016 18:15:40 GMT
Server: AmazonS3
Age: 85151
ETag: "bf05e1e341a8595bf95654536976161a"
X-Edge-Origin-Shield-Skipped: 0
Content-Type: image/jpeg
Connection: keep-alive
Date: Tue, 12 Oct 2021 08:06:51 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 12661
X-Amz-Cf-Id: gcTpeE0d7X_i3wHI-Vt-Hq9wIvkALkThDVAVVoacRJ9QvNBUnEh_zw==

GET
H/1.1 200
OK lesson-sample.jpg
d356qujqspw52j.cloudfront.net/img/original/ 25 KB
25 KB 32ms
10ms Image
image/jpeg 13.32.23.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d356qujqspw52j.cloudfront.net/img/original/lesson-sample.jpg
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3471654909349009fe507499bb85e6fa428d666691ca15dc71ab251a4eb2e57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
Via: 1.1 3d58896f901dbeed449603f5d2b4d9f1.cloudfront.net (CloudFront)
Last-Modified: Sat, 13 Feb 2016 18:16:08 GMT
Server: AmazonS3
Age: 84980
ETag: "52c90ad45cf056bac53677c69700078c"
X-Edge-Origin-Shield-Skipped: 0
Content-Type: image/jpeg
Connection: keep-alive
Date: Tue, 12 Oct 2021 08:09:42 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 25169
X-Amz-Cf-Id: H_1lrXUz_r4i421OXEcPuXJ6G1DXl5RL1kzvDH4okUaDh2gmrLoSDg==

GET
H/1.1 200
OK play-controls.jpg
d356qujqspw52j.cloudfront.net/img/original/ 12 KB
13 KB 31ms
9ms Image
image/jpeg 13.32.23.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d356qujqspw52j.cloudfront.net/img/original/play-controls.jpg
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f003869ea40391506fd7eab25b534c2f86649e306ec3ffbef17a7889ea06f3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
Via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
Last-Modified: Sat, 13 Feb 2016 18:24:34 GMT
Server: AmazonS3
X-Edge-Origin-Shield-Skipped: 0
ETag: "d2ef2517f83e9f953744628d4ed5ce2e"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Date: Wed, 13 Oct 2021 07:46:01 GMT
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 12350
X-Amz-Cf-Id: wJqOJkTbTELidD033DRz3CplJ8WKI-3Yus1zPcZhncTzi7Cni547yQ==

GET
H/1.1 200
OK waiting-for-the-bus.jpg
d356qujqspw52j.cloudfront.net/img/original/ 15 KB
16 KB 22ms
12ms Image
image/jpeg 13.32.23.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d356qujqspw52j.cloudfront.net/img/original/waiting-for-the-bus.jpg
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e61c91c8900e6ea3474eed7896ee1673d6fa92b1c6177dba6f7295bc8ea22fb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
Via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
Last-Modified: Sat, 13 Feb 2016 18:18:29 GMT
Server: AmazonS3
Age: 84980
ETag: "a1b5f63267b37af3d240d283e83b8d89"
X-Edge-Origin-Shield-Skipped: 0
Content-Type: image/jpeg
Connection: keep-alive
Date: Tue, 12 Oct 2021 08:09:42 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 15585
X-Amz-Cf-Id: mhXkE5jr6KcvYZFpWW7c7zbrMN_9F_78Put0ehVW5bjpU9uXSV7Euw==

GET
H2 200 new_03.jpg
www.phrasemix.com/assets/ 137 KB
137 KB 17ms
14ms Image
image/jpeg 2606:4700:3037::6815:50f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.phrasemix.com/assets/new_03.jpg

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:50f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de62b06580aebfaa1f4d99f0e1b79c7764d1807f1e22e221e7ecc5dea7649274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /assets/new_03.jpg
pragma: no-cache
cookie: _phrasemix_app_session=RkVOUVFoNjBUdldRbXBOWTFBUVliNTlVRWt2aVBJaUhQbEI5ZUJCTlNvZXNRU2pmdVpNY21uYWFkOXRIS1FEaHZHUmZTaW9RWmRXSHRHN3U2QWswbkl3cTJacVpOQ2xhUk9ueXMvOXJZbEFueFpiK1BseVpuSUgxWTc5THo4UzU2M0RUQWExNG9Jam1PeC9tSzZlTzZzNkU1eEtlUTVlN1VSQUorVnl2VkoveXd4VytDYU14VEVlSnQrSk1CM2M5LS0rV0NQNTVoZ253K2syREg2U3RUMll3PT0%3D--e5da8b91a1a8904805bf1b31b6d049412f381ae8
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.phrasemix.com
referer: https://www.phrasemix.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:01 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Sun, 29 Aug 2021 08:13:42 GMT
server: cloudflare
age: 1994630
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3zmKBSGQiLMaMtQUwb%2BduoEaIUZgP7U44dbwzYu67gvJj6dsRC8lC%2BnoxKAj8r1vxKqV7Ixw2hQRQHoC%2F0ExcjUAGCvxuUYaKereV9HfH%2BXqFXUfUVsZba16MVRy0AKdDmv0L28Jc6e7Vn%2FDDwsYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
cf-ray: 69d6f3a91c4f42cf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 new_04.jpg
www.phrasemix.com/assets/ 155 KB
155 KB 16ms
14ms Image
image/jpeg 2606:4700:3037::6815:50f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.phrasemix.com/assets/new_04.jpg

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:50f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ae32ca560a7047a14f3374bb7f976e2aa010ed82b82f680c0bab9633e18e238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /assets/new_04.jpg
pragma: no-cache
cookie: _phrasemix_app_session=RkVOUVFoNjBUdldRbXBOWTFBUVliNTlVRWt2aVBJaUhQbEI5ZUJCTlNvZXNRU2pmdVpNY21uYWFkOXRIS1FEaHZHUmZTaW9RWmRXSHRHN3U2QWswbkl3cTJacVpOQ2xhUk9ueXMvOXJZbEFueFpiK1BseVpuSUgxWTc5THo4UzU2M0RUQWExNG9Jam1PeC9tSzZlTzZzNkU1eEtlUTVlN1VSQUorVnl2VkoveXd4VytDYU14VEVlSnQrSk1CM2M5LS0rV0NQNTVoZ253K2syREg2U3RUMll3PT0%3D--e5da8b91a1a8904805bf1b31b6d049412f381ae8
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.phrasemix.com
referer: https://www.phrasemix.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:01 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Sun, 29 Aug 2021 08:13:42 GMT
server: cloudflare
age: 1994630
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qe7mZf5vEK6ViypYSWTznZTeUSeLg1C035sjrfyzeRHr0gKqxN%2BChmBsFuX1hh2KrUweQNwWeUkeC9%2BvYtKb2IJqYXgZVMRAQI0OrKwfa3EZDCrv9R5TR3ZYnIE67J%2BeoTL4ZZ6c4jn4I1iRno%2F7gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
cf-ray: 69d6f3a91c5142cf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 new_05.jpg
www.phrasemix.com/assets/ 423 KB
424 KB 17ms
14ms Image
image/jpeg 2606:4700:3037::6815:50f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.phrasemix.com/assets/new_05.jpg

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:50f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d16e7681642f9c1c9d0427d84e83db414371f516d951125040bff3b24f5fa55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /assets/new_05.jpg
pragma: no-cache
cookie: _phrasemix_app_session=RkVOUVFoNjBUdldRbXBOWTFBUVliNTlVRWt2aVBJaUhQbEI5ZUJCTlNvZXNRU2pmdVpNY21uYWFkOXRIS1FEaHZHUmZTaW9RWmRXSHRHN3U2QWswbkl3cTJacVpOQ2xhUk9ueXMvOXJZbEFueFpiK1BseVpuSUgxWTc5THo4UzU2M0RUQWExNG9Jam1PeC9tSzZlTzZzNkU1eEtlUTVlN1VSQUorVnl2VkoveXd4VytDYU14VEVlSnQrSk1CM2M5LS0rV0NQNTVoZ253K2syREg2U3RUMll3PT0%3D--e5da8b91a1a8904805bf1b31b6d049412f381ae8
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.phrasemix.com
referer: https://www.phrasemix.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:01 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Sun, 29 Aug 2021 08:13:42 GMT
server: cloudflare
age: 1994630
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDziu7MpZHqlxchC6Te56ruThAYRC%2FO1VqgwRwcVrgiUXDiWvcvxBF9Bpo3TCYxPhACDnGmAbbJvGlLga4UVu%2BgPAl7AAQ9eSCnm0QaBTBo%2BNrUvgUIjM6s9QrO88MT27aXMRh1D%2F7dn5UR9HSSwJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
cf-ray: 69d6f3a91c5242cf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK footer-83b0bd6fb545ec820a4dd555f45b312a6e9d60701d27793471354fbf32c29d04.js Show response
d356qujqspw52j.cloudfront.net/assets/footer/ 253 KB
254 KB 9ms
9ms Script
text/javascript 13.32.23.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d356qujqspw52j.cloudfront.net/assets/footer/footer-83b0bd6fb545ec820a4dd555f45b312a6e9d60701d27793471354fbf32c29d04.js
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83b0bd6fb545ec820a4dd555f45b312a6e9d60701d27793471354fbf32c29d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 07:52:55 GMT
Via: 1.1 2e4a0520ad8fe16707823b20e9441e09.cloudfront.net (CloudFront)
Age: 21513187
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 259132
Last-Modified: Sun, 11 Feb 2018 16:52:35 GMT
Server: AmazonS3
ETag: "d0d1a519f95bd251f4986fe53296a3ed"
x-amz-version-id: _MKTVwcR.utxqhEa5h1qz6uO.6AWSz9l
Cache-Control: public, max-age=31557600
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Type: text/javascript
X-Amz-Cf-Id: ABxO6x1ii2mxkxnEHg-mumyNLblr4guGB07hMhCjUh0D4JcyYAA1AA==
Expires: Mon, 11 Feb 2019 22:52:35 GMT

GET
H/1.1 200
OK scrollme-e2c0e9d55139bc0dc1c8bb688e0580e4499aee04c40e98b1a2c030e0c9eac2d2.js Show response
d356qujqspw52j.cloudfront.net/assets/ 5 KB
6 KB 8ms
8ms Script
text/javascript 13.32.23.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d356qujqspw52j.cloudfront.net/assets/scrollme-e2c0e9d55139bc0dc1c8bb688e0580e4499aee04c40e98b1a2c030e0c9eac2d2.js
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2c0e9d55139bc0dc1c8bb688e0580e4499aee04c40e98b1a2c030e0c9eac2d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
Via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
Last-Modified: Mon, 11 Jul 2016 12:19:53 GMT
Server: AmazonS3
X-Edge-Origin-Shield-Skipped: 0
ETag: "7de2c4340207f9917553ba8deba90692"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Date: Wed, 13 Oct 2021 07:46:01 GMT
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Length: 5584
X-Amz-Cf-Id: 3R4os2rqsIMy0xVUWmUosE0Rbzve_G646f5w0QzqE70jMOC8VqZZlw==

GET
H/1.1 200
OK print-6783d3a744650a8d37b11ef5f4502c1bdafffc5d1ddca2797733ece25ea094ec.css
d356qujqspw52j.cloudfront.net/assets/ 3 KB
4 KB 13ms
12ms Stylesheet
text/css 13.32.23.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d356qujqspw52j.cloudfront.net/assets/print-6783d3a744650a8d37b11ef5f4502c1bdafffc5d1ddca2797733ece25ea094ec.css
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6783d3a744650a8d37b11ef5f4502c1bdafffc5d1ddca2797733ece25ea094ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 06 Feb 2021 02:24:40 GMT
Via: 1.1 2e4a0520ad8fe16707823b20e9441e09.cloudfront.net (CloudFront)
Age: 21532882
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3572
Last-Modified: Thu, 30 Aug 2018 04:13:07 GMT
Server: AmazonS3
ETag: "991a501882188b11139754331ef4d96b"
x-amz-version-id: asr1azWOcVKeZzSWgXn158LT0HpEnOvj
Cache-Control: public, max-age=31557600
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
Content-Type: text/css
X-Amz-Cf-Id: KXfMPG7CkesrhLxiNlGKVX9fw5J0-FIoK_JHV8DYk78jfOlzCHyppA==
Expires: Fri, 30 Aug 2019 10:13:04 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 48ms
7ms Script
text/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: d356qujqspw52j.cloudfront.net
URL: https://d356qujqspw52j.cloudfront.net/assets/application-af48c692bf8304446977210f89fc4f1253ffdd85bf106904cea73102ebf149ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 21:34:48 GMT
server: Golfe2
age: 3908
date: Wed, 13 Oct 2021 06:40:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 13 Oct 2021 08:40:53 GMT

GET
H2 200 3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2
fonts.gstatic.com/s/yanonekaffeesatz/v18/ 25 KB
26 KB 39ms
14ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/yanonekaffeesatz/v18/3y976aknfjLm_3lMKjiMgmUUYBs04Y8bH-o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Yanone+Kaffeesatz:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6821ba65eed5ce880b9ebe492f40efe87c6141937a279131c97305255ee072ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.phrasemix.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 18:49:28 GMT
x-content-type-options: nosniff
age: 478593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25484
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:02:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 07 Oct 2022 18:49:28 GMT

GET
H2 200 fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/ 64 KB
65 KB 43ms
20ms Font
font/woff 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Origin: https://www.phrasemix.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617
age: 14953870
cdn-cachedat: 2021-04-23 07:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 65452
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5779154560aae105b6dd4a117d3fa429
accept-ranges: bytes
cf-ray: 69d6f3a93b622c36-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

count.js Show response
a.disquscdn.com/
Redirect Chain

https://go.disqus.com/count.js
https://a.disquscdn.com/count.js

1 KB
1 KB

33ms
9ms

Script
application/javascript

199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a.disquscdn.com/count.js

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
x-edge-origin-shield-skipped: 0
vary: Accept-Encoding
content-length: 871
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Sep 2021 16:35:15 GMT
server: nginx
etag: "615495c3-367"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: paugTpKsnvEeEXPiSKvczpV2MNVjcrGHZLIp-RQDJbHg3Cwbp20j6g==

Redirect headers

Location: https://a.disquscdn.com/count.js
Date: Wed, 13 Oct 2021 07:45:37 GMT
Connection: close
Accept-Ranges: bytes
Content-Length: 0
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.1/ 173 KB
47 KB 39ms
12ms Script
application/javascript 65.9.66.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Requested by: Host: 7760d55467f94f668aa04c2682895436.js.ubembed.com
URL: https://7760d55467f94f668aa04c2682895436.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:54:54 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 19:19:04 GMT
server: AmazonS3
age: 6101468
etag: W/"4d21402425377bf4a0f3a4f7ab8db2ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ikXBTSNXOGBEH453JPf9stHv109HjwEvLdBKAkM3uj9ra2bIkIFd5w==

GET
H2 200 modules.js Show response
my.hellobar.com/ 251 KB
73 KB 29ms
28ms Script
text/javascript 2606:4700:10::6816:f17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/85dbc86271218137892442cfddd92e7c18db0fac.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f94eb71cf009c67542e17854a9b6d64c4aba3c7189af32920057c427eb82cb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 2004
cf-polished: origSize=257621
x-amz-request-id: W9GA1VVTAJQVDTSV
x-amz-id-2: NBC7qHqtbJ2Q9b3X9+FZOQ/vjOKVHZPMsG4ZvwFEETQIOopJbPEn9nvbHh9ALCdab0WgfsDqoyw=
last-modified: Fri, 01 Oct 2021 16:22:57 GMT
server: cloudflare
etag: W/"a3c760b1a0a31f3749688b3315e4a3b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 69d6f3aa4f7e16ee-FRA
cf-bgj: minify

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 16ms
15ms Image
image/gif 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1875267865&utmhn=www.phrasemix.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Learn%20English%20Speaking%20%26%20Grammar%20like%20Natives%20with%20PhraseMix%20%7C%20PhraseMix.com&utmhid=1718587924&utmr=-&utmp=%2F&utmht=1634111161975&utmac=UA-11813175-1&utmcc=__utma%3D24081019.127411703.1634111162.1634111162.1634111162.1%3B%2B__utmz%3D24081019.1634111162.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=89686483&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 07:46:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/ 272 KB
98 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6236052209137486&plah=www.phrasemix.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7065f14106920d873c6d6369689e390e6c55352d7c0b9bd12b2829f12c1df41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99725
x-xss-protection: 0
server: cafe
etag: 3351436337553423891
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 07:46:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/ Frame 25CB 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.phrasemix.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 12 Oct 2021 21:25:32 GMT
expires: Tue, 26 Oct 2021 21:25:32 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 37230
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 251 B
676 B 41ms
16ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.phrasemix.com&callback=_gfp_s_&client=ca-pub-6236052209137486&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6236052209137486&plah=www.phrasemix.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

7fdbce53608b4653a27544f16fc260f88e4b1020fb2a06949cf4997e0f0bf29c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 211
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 40ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.phrasemix.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 07:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 39ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.phrasemix.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 07:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 095B 147 KB
40 KB 806ms
805ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6236052209137486&output=html&adk=494550554&adf=3127182129&lmt=1634111162&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.phrasemix.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634111161987&bpp=2&bdt=414&idt=166&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=884844623892&frm=20&pv=2&ga_vid=127411703.1634111162&ga_sid=1634111162&ga_hid=1718587924&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063045%2C31063047%2C44751036%2C31062370%2C31062944&oid=2&pvsid=1241312915660626&pem=356&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=185

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02880c826ff34986218b767bf6c5f2ff63020b2606ea668c368b1f6f47b602db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6236052209137486&output=html&adk=494550554&adf=3127182129&lmt=1634111162&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.phrasemix.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634111161987&bpp=2&bdt=414&idt=166&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=884844623892&frm=20&pv=2&ga_vid=127411703.1634111162&ga_sid=1634111162&ga_hid=1718587924&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063045%2C31063047%2C44751036%2C31062370%2C31062944&oid=2&pvsid=1241312915660626&pem=356&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=185
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.phrasemix.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 13 Oct 2021 07:46:02 GMT
server: cafe
content-length: 40566
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 13-Oct-2021 08:01:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 13 Oct 2021 07:46:02 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E99 85 KB
28 KB 535ms
535ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6236052209137486&output=html&h=280&slotname=7770631853&adk=3447636909&adf=2460386197&pi=t.ma~as.7770631853&w=1200&fwrn=4&fwrnh=100&lmt=1634111162&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.phrasemix.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634111161989&bpp=2&bdt=416&idt=195&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=884844623892&frm=20&pv=1&ga_vid=127411703.1634111162&ga_sid=1634111162&ga_hid=1718587924&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063045%2C31063047%2C44751036%2C31062370%2C31062944&oid=2&pvsid=1241312915660626&pem=356&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glrUBps8do&p=https%3A//www.phrasemix.com&dtd=201

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c49881cecaada0deca4c3ccea542f9f43f9ba9e00f67bce701c0c691bf13620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6236052209137486&output=html&h=280&slotname=7770631853&adk=3447636909&adf=2460386197&pi=t.ma~as.7770631853&w=1200&fwrn=4&fwrnh=100&lmt=1634111162&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.phrasemix.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634111161989&bpp=2&bdt=416&idt=195&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=884844623892&frm=20&pv=1&ga_vid=127411703.1634111162&ga_sid=1634111162&ga_hid=1718587924&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063045%2C31063047%2C44751036%2C31062370%2C31062944&oid=2&pvsid=1241312915660626&pem=356&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glrUBps8do&p=https%3A//www.phrasemix.com&dtd=201
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.phrasemix.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 13 Oct 2021 07:46:02 GMT
server: cafe
content-length: 28690
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 13-Oct-2021 08:01:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 13 Oct 2021 07:46:02 GMT
cache-control: private

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 327ms
107ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/114739018710875/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.phrasemix.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 13 Oct 2021 07:46:02 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H2 200 pbjs_wrapper.v1.0.js Show response
hb.brainlyads.com/ Frame 84B2 30 KB
10 KB 295ms
95ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/114739018710875/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

adab63b28b5b36a30fe9cd32e36e0d3064a6476f34d56c0589ee388c439493dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:02 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 04:54:59 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"615e7da3-7835"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Thu, 14 Oct 2021 07:46:02 GMT

GET
H2 200 pbjs_wrapper.v1.1.js Show response
hb.brainlyads.com/ Frame 4F03 31 KB
10 KB 382ms
187ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v1.1.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/114739018710875/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

5ed14ef54669d2359722407a9efcb6e2f56d3f918ab07db6f4464dc566c10e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:02 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 04:54:59 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"615e7da3-7c21"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H/1.1 200
OK / Show response
powerad.ai/pubPls/ 6 KB
2 KB 299ms
102ms XHR
text/html 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.phrasemix.com%2F
Requested by: Host: powerad.ai
URL: https://powerad.ai/114739018710875/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 9da3cc348161962fe78715dc2627b2d71997fdb3a431570e3510c17534d8263b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 07:46:02 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"1959-SIninRuZOyqg1MrRkk74Key199U"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.phrasemix.com
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H2 200 css
fonts.googleapis.com/ Frame 6E99 3 KB
676 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6236052209137486&output=html&h=280&slotname=7770631853&adk=3447636909&adf=2460386197&pi=t.ma~as.7770631853&w=1200&fwrn=4&fwrnh=100&lmt=1634111162&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.phrasemix.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634111161989&bpp=2&bdt=416&idt=195&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=884844623892&frm=20&pv=1&ga_vid=127411703.1634111162&ga_sid=1634111162&ga_hid=1718587924&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063045%2C31063047%2C44751036%2C31062370%2C31062944&oid=2&pvsid=1241312915660626&pem=356&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glrUBps8do&p=https%3A//www.phrasemix.com&dtd=201

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 06:47:18 GMT
server: ESF
date: Wed, 13 Oct 2021 07:46:02 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 07:46:02 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 6E99 2 KB
990 B 34ms
12ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 07:42:37 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 6E99 18 KB
8 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 07:45:31 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 6E99 3 KB
1 KB 29ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 07:42:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E99 123 KB
38 KB 54ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Oct 2021 07:46:02 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 6E99 14 KB
6 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 07:38:25 GMT

GET
H2 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame 6E99 27 KB
12 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 11:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 05:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 10 Jan 2022 11:08:32 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6E99 0
0 25ms
25ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZW9Zuo5mYbzgDNLh-gaGuKgwvuWzjF7DjM77lQr4zfe2mR0QASCAh-ciYJXy_YGUB6AB7pnk2gLIAQmpAkk8FeVDYbM-qAMByAPLBKoE4gFP0O5ZQDmsB3X-IBvoWLHEhs4IBaK2atrDI96qNdLYKP2PWDiTmyT-aaZgN_Yrtd46V3HDvFxg2y9YsI3bcg7Hj5migmscoMSRB7I9gkKqAARMGyvonzk8JH_IbiN_8DwPqRi4RtTV6Ri4xpmtbYGEJBrkiCz62nHK4Q_yLJAt8qXYO3LfOp8dTOTO7wu8xOWSQ0jDgiFt2f-zi0l1iYxPOLj1rOgDQxEgvIu5gQcJWtZka7AGzL2vEru40biAm_oOi00jS3NMPsEVmkpiEbUX7dMuDJSA5L8JtXB5dUkEO3HjwAS72aSHogKSBQQIBBgBkgUECAUYBKAGLoAH-uWbpQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcFEJ3qkAHSCAkIgOGAEBABGF-ACgHICwG4E4gn2BMNiBQB0BUBgBcBshccChoIABIUcHViLTYyMzYwNTIyMDkxMzc0ODYYAA&sigh=wY3y0RX2_Ds&template_id=5000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6236052209137486&output=html&h=280&slotname=7770631853&adk=3447636909&adf=2460386197&pi=t.ma~as.7770631853&w=1200&fwrn=4&fwrnh=100&lmt=1634111162&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.phrasemix.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634111161989&bpp=2&bdt=416&idt=195&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=884844623892&frm=20&pv=1&ga_vid=127411703.1634111162&ga_sid=1634111162&ga_hid=1718587924&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063045%2C31063047%2C44751036%2C31062370%2C31062944&oid=2&pvsid=1241312915660626&pem=356&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=glrUBps8do&p=https%3A//www.phrasemix.com&dtd=201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 13 Oct 2021 07:46:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Oct 2021 07:46:02 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 84B2 175 KB
57 KB 46ms
8ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4f755dc598f2431fd9096811c85fa8483838e86824d658199ce03a13de765cd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:02 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 18:51:36 GMT
server: Apache/2.2.15 (CentOS)
etag: "10a1110-2bd37-5c9c5cea2ce36"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=110282
accept-ranges: bytes
content-type: text/javascript
content-length: 57427
expires: Thu, 14 Oct 2021 14:24:04 GMT

GET
DATA 200
OK truncated
/ Frame 6E99 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200 Hc6PdfQeAi.js Show response
pixel.zprk.io/v5/pixeljs/ 3 KB
3 KB 1003ms
249ms Script
text/plain 3.1.182.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/114739018710875/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.1.182.12 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-1-182-12.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 07:46:02 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 2753
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Content-Type: text/plain;charset=UTF-8

GET
H2 200 251 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 584ms
242ms Script
application/javascript 52.40.160.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.phrasemix.com%2F&ref=
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.40.160.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-40-160-59.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ff28b7571d64891666cf5e59ed17a851e9bb7e372f4103f19f524319481e8f82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:03 GMT
server: nginx/1.18.0
content-length: 3251
content-type: application/javascript

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 112ms
107ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/114739018710875/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.phrasemix.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 13 Oct 2021 07:46:02 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 4F03 175 KB
57 KB 7ms
7ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4f755dc598f2431fd9096811c85fa8483838e86824d658199ce03a13de765cd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:02 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 18:51:36 GMT
server: Apache/2.2.15 (CentOS)
etag: "10a1110-2bd37-5c9c5cea2ce36"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=110282
accept-ranges: bytes
content-type: text/javascript
content-length: 57427
expires: Thu, 14 Oct 2021 14:24:04 GMT

GET
DATA 200
OK truncated
/ Frame 6E99 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 952a38f9633c04967d34e0f35b486fa96ef45fc2254eadc231e1cf01bbe47c0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 6E99 21 KB
21 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:46:29 GMT
x-content-type-options: nosniff
age: 129573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 19:46:29 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 6E99 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 134676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 18:21:26 GMT

GET
H2 200 prebid.js Show response
hb.brainlyads.com/ Frame 84B2 463 KB
142 KB 98ms
98ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

19d4d3d5e3172f77ef83c4748aa730de0a0be0c5bd3ef9ba247b7f9cb6579182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:02 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 18:12:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"615b441a-73c89"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Thu, 14 Oct 2021 07:46:02 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3734550872954045280/ Frame 6E99 23 KB
23 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3734550872954045280/downsize_200k_v1?w=600&h=314

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83f1d23e4e99fa8943b3f9b784f7257854965bf159b60691517af70ccdf23b30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 17:58:04 GMT
x-content-type-options: nosniff
age: 49678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23106
x-xss-protection: 0
last-modified: Wed, 28 Aug 2019 13:07:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Oct 2022 17:58:04 GMT

GET
H2 200 Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js Show response
pagead2.googlesyndication.com/bg/ Frame CC8A 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:30:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 11 Oct 2022 10:30:14 GMT

GET
H2 200 prebid.js Show response
hb.brainlyads.com/ Frame 4F03 463 KB
142 KB 190ms
189ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

19d4d3d5e3172f77ef83c4748aa730de0a0be0c5bd3ef9ba247b7f9cb6579182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:03 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 18:12:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"615b441a-73c89"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Thu, 14 Oct 2021 07:46:03 GMT

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/ 143 KB
51 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/reactive_library_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ad16c3d566d24f5a075a637327794d7750d54a9254f61c9468676b4fdf0f456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52530
x-xss-protection: 0
server: cafe
etag: 12725369566956159968
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 07:46:03 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 40ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8&c=ca-pub-6236052209137486

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 07:46:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 41ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8&c=ca-pub-6236052209137486

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 07:46:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.phrasemix.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 07:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.phrasemix.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 07:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/ Frame 7BCA 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.phrasemix.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkjfIXAMxzJbjzdWY_3t0Kha_SWbaSffhUwDVwc6nrPpHnzzUk0aQtEDseFftM; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 12 Oct 2021 21:28:04 GMT
expires: Tue, 26 Oct 2021 21:28:04 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 37079
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 7BCA 4 KB
731 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 06:57:55 GMT
server: ESF
date: Wed, 13 Oct 2021 07:46:03 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 07:46:03 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7BCA 205 B
491 B 8ms
7ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 06:46:14 GMT
x-content-type-options: nosniff
age: 3589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Oct 2022 06:46:14 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7BCA 604 B
696 B 8ms
7ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 00:41:57 GMT
x-content-type-options: nosniff
age: 284646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 10 Oct 2022 00:41:57 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame 7BCA 18 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5c12600c2eedb11dbdcef87977046a3fc282f936b783659c0f0cb7a0815f3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 06:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7792
x-xss-protection: 0
server: cafe
etag: 11501120118990840405
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 06:56:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4DA3 3 KB
653 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 06:47:36 GMT
server: ESF
date: Wed, 13 Oct 2021 07:46:03 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 07:46:03 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 4DA3 2 KB
949 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 07:42:37 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 4DA3 18 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 07:45:31 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 4DA3 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 07:42:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4DA3 123 KB
37 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Oct 2021 07:46:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 4DA3 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:38:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 07:38:25 GMT

GET
H2 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame 4DA3 27 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 11:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 05:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 10 Jan 2022 11:08:32 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DA3 0
56 B 40ms
40ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20211011&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/load_preloaded_resource_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 07:46:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js Show response
pagead2.googlesyndication.com/bg/ Frame DF9D 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:30:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 11 Oct 2022 10:30:14 GMT

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 546ms
179ms Script
application/javascript 52.26.206.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.phrasemix.com%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.26.206.111 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-26-206-111.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:03 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 21:02:30 GMT
server: nginx/1.18.0
etag: W/"1633381350.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Wed, 13 Oct 2021 19:46:03 GMT

GET
H2 200 251 Show response
p.ad.gt/api/v1/p/ 25 KB
8 KB 496ms
164ms Script
application/javascript 54.187.25.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/251
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.phrasemix.com%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.25.111 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-25-111.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8027119f899b59c2af3b0ccb2c7d1323fb3891a1235ab54309fe5337b92cd1c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:03 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 21:00:52 GMT
server: nginx/1.18.0
etag: W/"1633381252.0-26098-2710964840"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Wed, 13 Oct 2021 19:46:03 GMT

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=a4ab7443-0ce1-4654-9797-d2594d01fbb3&adnxs_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3Da4ab7443-0ce1-4654-9797-d2594d01fbb3%26adnxs_id%3D%24UID
https://ids.ad.gt/api/v1/match?id=a4ab7443-0ce1-4654-9797-d2594d01fbb3&adnxs_id=8198759355348003966

43 B
564 B

458ms
181ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=a4ab7443-0ce1-4654-9797-d2594d01fbb3&adnxs_id=8198759355348003966
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:03 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 13 Oct 2021 19:46:03 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 07:46:03 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 54b72d57-8f39-4b5b-87a8-5996cc405044
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=a4ab7443-0ce1-4654-9797-d2594d01fbb3&adnxs_id=8198759355348003966
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=a4ab7443-0ce1-4654-9797-d2594d01fbb3
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=a4ab7443-0ce1-4654-9797-d2594d01fbb3
https://ids.ad.gt/api/v1/t_match?tdid=871a21da-bea2-4018-b2cf-d50d0a21bd54&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3

43 B
568 B

513ms
319ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=871a21da-bea2-4018-b2cf-d50d0a21bd54&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:03 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 13 Oct 2021 19:46:03 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 07:46:03 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=871a21da-bea2-4018-b2cf-d50d0a21bd54&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Da4ab7443-0ce1-4654-9797-d2594d01fbb3
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Da4ab7443-0ce1-4654-9797-d2594d01fbb3
https://ids.ad.gt/api/v1/pbm_match?pbm=E3DF2D4E-1F60-48F6-B147-D214D57D518C&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3

43 B
573 B

580ms
319ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=E3DF2D4E-1F60-48F6-B147-D214D57D518C&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:03 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 13 Oct 2021 19:46:03 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=E3DF2D4E-1F60-48F6-B147-D214D57D518C&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3
date: Wed, 13 Oct 2021 07:46:01 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3
https://ids.ad.gt/api/v1/g_match?id=a4ab7443-0ce1-4654-9797-d2594d01fbb3&google_gid=CAESEByyIcIvkrwwHlrLvH99Juw&google_cver=1&google_ula=450542624,0

43 B
572 B

474ms
181ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=a4ab7443-0ce1-4654-9797-d2594d01fbb3&google_gid=CAESEByyIcIvkrwwHlrLvH99Juw&google_cver=1&google_ula=450542624,0
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:03 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 13 Oct 2021 19:46:03 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 07:46:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=a4ab7443-0ce1-4654-9797-d2594d01fbb3&google_gid=CAESEByyIcIvkrwwHlrLvH99Juw&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=a4ab7443-0ce1-4654-9797-d2594d01fbb3
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YTRhYjc0NDMtMGNlMS00NjU0LTk3OTctZDI1OTRkMDFmYmIz

170 B
243 B

18ms
18ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YTRhYjc0NDMtMGNlMS00NjU0LTk3OTctZDI1OTRkMDFmYmIz

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 07:46:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YTRhYjc0NDMtMGNlMS00NjU0LTk3OTctZDI1OTRkMDFmYmIz
date: Wed, 13 Oct 2021 07:46:03 GMT
server: nginx/1.18.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2

200

beeswax_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=a4ab7443-0ce1-4654-9797-d2594d01fbb3
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=a4ab7443-0ce1-4654-9797-d2594d01fbb3&_bee_ppp=1
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAETGE7CzR0AAGdnqnSYAw&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3

43 B
478 B

290ms
289ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAETGE7CzR0AAGdnqnSYAw&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:03 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 13 Oct 2021 19:46:03 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAETGE7CzR0AAGdnqnSYAw&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3
Date: Wed, 13 Oct 2021 07:46:03 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK us
sync.go.sonobi.com/ 0
478 B 68ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=a4ab7443-0ce1-4654-9797-d2594d01fbb3&uid=[UID]

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 07:46:03 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

mediamath_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3Da4ab7443-0ce1-4654-9797-d2594d01fbb3
https://ids.ad.gt/api/v1/mediamath_match?user_id=7b926166-8ebb-4300-bf9d-540e8f7d3a43&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3

43 B
485 B

327ms
179ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/mediamath_match?user_id=7b926166-8ebb-4300-bf9d-540e8f7d3a43&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:03 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 13 Oct 2021 19:46:03 GMT

Redirect headers

Date: Wed, 13 Oct 2021 07:46:03 GMT
Server: MT3 3984 0e3af3b master zrh-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ids.ad.gt/api/v1/mediamath_match?user_id=7b926166-8ebb-4300-bf9d-540e8f7d3a43&id=a4ab7443-0ce1-4654-9797-d2594d01fbb3
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 13 Oct 2021 07:46:02 GMT

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 496ms
163ms Script
text/plain 54.189.240.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=7ba9e8b059ab669efcb6d1675da9aab8&url=https%3A%2F%2Fwww.phrasemix.com%2F&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.189.240.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-189-240-181.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 13 Oct 2021 07:46:04 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 40ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: hYcGx8UP8ZeFyA32jOTKw56rrymidt6YH+M8djh7LSR+/ezPr+06mzlFenRSR8MYw4ZBFL1vzsCP9Vvl8KUlig==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 13 Oct 2021 07:46:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 21:34:48 GMT
server: Golfe2
age: 3546
date: Wed, 13 Oct 2021 06:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
expires: Wed, 13 Oct 2021 08:46:57 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6E99 42 B
518 B 67ms
44ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudEvoGz3bNYikdLj_wU9OEmbDEWA0SZNNETgQgvna6niSQjM9EWNArsWNnrtExsPDkf1YM6XFIOprJH5Z3AZl_pmCVUeRsY2NKFFYLnhNC-nS-RyUeEg&sai=AMfl-YR6y4FzZgoaIkRHOs660t-blOFxvcqsvBRT44PtzNFWmy7ZNX-DQ2159rfwmlhELW1X10_45MS7jY-d&sig=Cg0ArKJSzMjCSU7e2F3oEAE&id=lidar2&mcvt=1006&p=0,0,280,1200&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3447636909&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634111162191&rpt=722&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 07:46:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 493 KB
146 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

36bf09966510c5afb5651ded21208a45a98cdf75a44a4e73c0bb982edbbfbce0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 148447
x-xss-protection: 0
pragma: public
x-fb-debug: uA0YVjwN4JPeyNLGFDKpW3ObSxgpXgLlIe0ZsVb4DQGBEB1oS4ohQG6XMmC3Lq+/C61T0SzXu3y+7pxeE8cHfA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 13 Oct 2021 07:46:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

openx
ids.ad.gt/api/v1/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8...
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm...
https://ids.ad.gt/api/v1/openx?openx_id=22a662a5-82e5-44fd-a032-e11966f72c87&id=02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1e...

43 B
482 B

176ms
176ms

Image
image/gif

35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/openx?openx_id=22a662a5-82e5-44fd-a032-e11966f72c87&id=02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl&auid=a4ab7443-0ce1-4654-9797-d2594d01fbb3
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:04 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 13 Oct 2021 19:46:04 GMT

Redirect headers

date: Wed, 13 Oct 2021 07:46:04 GMT
content-encoding: gzip
server: OXGW/16.217.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://ids.ad.gt/api/v1/openx?openx_id=22a662a5-82e5-44fd-a032-e11966f72c87&id=02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl&auid=a4ab7443-0ce1-4654-9797-d2594d01fbb3
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
651 B 177ms
177ms Image
image/gif 35.164.229.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=a4ab7443-0ce1-4654-9797-d2594d01fbb3&halo_id=02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:04 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 13 Oct 2021 19:46:04 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
829 B 309ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 13 Oct 2021 08:23:12 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
2 KB 308ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 13 Oct 2021 08:16:01 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 32ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.phrasemix.com%2F&rl=&if=false&ts=1634111163989&cd[partner_id]=251&cd[tagger_id]=7ba9e8b059ab669efcb6d1675da9aab8&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634111163987.504539283&it=1634111163931&coo=false&tm=1&exp=p1&rqm=GET

Requested by

Host: www.phrasemix.com
URL: https://www.phrasemix.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 13 Oct 2021 07:46:04 GMT

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 30ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: www.phrasemix.com
URL: https://www.phrasemix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id: VW8CCHGKR4ZK6Z03
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11781
x-amz-id-2: MncX4xvX6G/3ZCVU9xhgX1JCQw12l3nC4XnJi5uFxOrjvkq6VeBL/9/vLuSPh4OyPAeJ00ESZNY=
x-served-by: cache-fra19126-FRA
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1634111162.045506,VS0,VE0
date: Wed, 13 Oct 2021 07:46:02 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6408

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 21ms
21ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211011&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09c002d1b052a4ef86d61f2c59bf844b6b85d07a8c4f91e00f5fd9382958ff97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 07:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8535
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 13 Oct 2021 07:46:04 GMT

GET
H/1.1 200
OK 54098f41ad Show response
bam.nr-data.net/1/ 57 B
322 B 407ms
100ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/54098f41ad?a=712445&v=1210.e2a3f80&to=cg0NQEZWCQ1RQBtSRUIWDFlrSQQGUUEbWV9cBw%3D%3D&rst=3187&ck=1&ref=https://www.phrasemix.com/&qt=1&ap=19&be=393&fe=3151&dc=611&perf=%7B%22timing%22:%7B%22of%22:1634111161198,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:2,%22c%22:2,%22s%22:4,%22ce%22:22,%22rq%22:22,%22rp%22:371,%22rpe%22:372,%22dl%22:375,%22di%22:611,%22ds%22:611,%22de%22:628,%22dc%22:3151,%22l%22:3151,%22le%22:3155%7D,%22navigation%22:%7B%7D%7D&fp=577&fcp=577&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0AD2 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.phrasemix.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 13 Oct 2021 07:36:21 GMT
expires: Thu, 13 Oct 2022 07:36:21 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C139 783 B
1 KB 40ms
16ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4a3121a2b288791cfe7b3fe2108c8d4fa763fdad863760e2cd1b03542bbeb835

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sOwdWUbVfEQJlknZ7xQ2fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.phrasemix.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 13 Oct 2021 07:46:04 GMT
date: Wed, 13 Oct 2021 07:46:04 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-sOwdWUbVfEQJlknZ7xQ2fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AD2 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:30:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 11 Oct 2022 10:30:14 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C139 0
0 44ms
44ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211011&jk=1241312915660626&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 43ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211011&jk=1241312915660626&bg=!y8ilyIzNAAbGFvHlxhY7ACkAdvg8Wp83HBPyc_zVHx8IVHmyjz_WXWydrHXk3GaYi-qZcVXJS9KygAIAAABoUgAAAAxoAQcKAAEBmQLOGlFcKGEAkSPxjh7wqEhqNN-PJ3HCHqx8uoq-pqO4XnB3v17UxjsGF6xO8jdgENoJSdlt4Lr-aZCcZFJYhYn7mBh73FAJqc_sJ4LTRcr1J6TEPUiB_edI_e9lgNzxzUkVYqvNygV4cMzMTnpROJA7c1n6f3dL_ZGfxycl24-LcDJumh6BH3gmA5N0kHT_AhXTNXPHhehEVyXa34a_KwGvPk-SDFHZD2ZRprIjAedM1GNS9aUHWIqKxnCf83ZoFeQRbyOHMlon_KtNwgZCNTOm9CEvHq-GR0zvk6JKkGE_0Sub_0NFXF0uUzEdBoz9KqD4Z6nYxlnPNoCA4ARkbAI5qpc5FAwSXwIewo61gL6dWQ5n_9I6ru56p2Y3Vv8HLZmm4W-txasAtE7VIHSDbsh6grnsELsu5oWlyWUwoRVzJoOEoRZsP0KZsRW9oraXHhue6yBKCqRuvQaXYGLyMBAMJCJgJ4gvaGQQw8em_9ppWMPBY7J8esPnz72I8YQQ0XLiaib0UmMJgU2KQLHmFZWkw13a5MUQhH3hmD3vCWdd2M_WSv8Y_NvLtSCpQMuJK2vAGqtgZLwxcgz25hTVECOwQy9P1owseP3j5_mMM7nmQrfpImFFVNXMSVhHjLW4zlESPGGOOR8fkX098VCL3kPjv2Hgkv6Mt0zykVXfyEdP_nj2y7K4MDR365iNsXWsAasXQijrAsUW1r-3MlVGZbx9e5SqDw0NlzB_HhwMOv0x2rKHdgIZCY9IpkjLRO_cxJQtviOASEgZEgrChYU-KK4sOCXu9fyoaAyI4aOoGijVWbjBYkP2VmLbn5pudi-7krLpqzS-URN16b7xCfJjugXsVQASRkIMEHAgvIzpXReYS05xMpLPHTDk661GA_MdHKAsDrl2znSvSwcPD1ACExnfGEGbsPE-JQlBf36FwVUdrKxznEXDK_ntOYSJ-oINlA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 07:46:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=Microdata&dl=https%3A%2F%2Fwww.phrasemix.com%2F&rl=&if=false&ts=1634111165495&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Learn%20English%20Speaking%20%26%20Grammar%20like%20Natives%20with%20PhraseMix%20%7C%20PhraseMix.com%22%2C%22meta%3Adescription%22%3A%22Want%20to%20speak%20English%20like%20the%20natives%20do%3F%20PhraseMix%20brings%20you%20a%20chance%20to%20learn%20English%20speaking%20%26%20grammar%20more%20easily.%20Boost%20your%20confidence%20%26%20fluency%20in%20English%20with%20us.%20Visit%20now%20%26%20get%20started.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1634111163987.504539283&it=1634111163931&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.phrasemix.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 07:46:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 13 Oct 2021 07:46:05 GMT

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.phrasemix.com/	1969-12-31 23:59:59	Name: _phrasemix_app_session Value: RkVOUVFoNjBUdldRbXBOWTFBUVliNTlVRWt2aVBJaUhQbEI5ZUJCTlNvZXNRU2pmdVpNY21uYWFkOXRIS1FEaHZHUmZTaW9RWmRXSHRHN3U2QWswbkl3cTJacVpOQ2xhUk9ueXMvOXJZbEFueFpiK1BseVpuSUgxWTc5THo4UzU2M0RUQWExNG9Jam1PeC9tSzZlTzZzNkU1eEtlUTVlN1VSQUorVnl2VkoveXd4VytDYU14VEVlSnQrSk1CM2M5LS0rV0NQNTVoZ253K2syREg2U3RUMll3PT0%3D--e5da8b91a1a8904805bf1b31b6d049412f381ae8
.phrasemix.com/	1970-01-20 15:26:23	Name: __utma Value: 24081019.127411703.1634111162.1634111162.1634111162.1
.phrasemix.com/	1969-12-31 23:59:59	Name: __utmc Value: 24081019
.phrasemix.com/	1970-01-20 02:17:59	Name: __utmz Value: 24081019.1634111162.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.phrasemix.com/	1970-01-19 21:55:11	Name: __utmt Value: 1
.phrasemix.com/	1970-01-19 21:55:12	Name: __utmb Value: 24081019.1.10.1634111162
.phrasemix.com/	1970-01-20 07:16:47	Name: __gads Value: ID=e420598d7a9a2e83-2296da1bf3ca00c0:T=1634111162:RT=1634111162:S=ALNI_MYNsGmJquKdwGyn2qD-ET8xMWkCOQ
.phrasemix.com/	1970-01-20 07:16:47	Name: __gpi Value: 00000000-0000-0000-0000-000000000000
powerad.ai/	1969-12-31 23:59:59	Name: 15094dcr Value: 1
.doubleclick.net/	1970-01-20 07:16:47	Name: IDE Value: AHWqTUkjfIXAMxzJbjzdWY_3t0Kha_SWbaSffhUwDVwc6nrPpHnzzUk0aQtEDseFftM
.doubleclick.net/	1970-01-19 21:55:12	Name: test_cookie Value: CheckForPermission
.ad.gt/	1970-01-20 15:26:23	Name: au_id Value: a4ab7443-0ce1-4654-9797-d2594d01fbb3
.ad.gt/	1970-01-19 21:56:37	Name: au_idmatch Value: {"apn": "2021-10-13", "ttd": "2021-10-13", "pub": "2021-10-13", "adx": "2021-10-13", "halo": "2021-10-13", "goo": "2021-10-13", "bees": "2021-10-13", "son": "2021-10-13", "mediamath": "2021-10-13"}
.adnxs.com/	1970-01-20 00:04:47	Name: uuid2 Value: 8198759355348003966
.pubmatic.com/	1970-01-20 00:04:47	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-20 00:04:47	Name: KADUSERCOOKIE Value: E3DF2D4E-1F60-48F6-B147-D214D57D518C
.adsrvr.org/	1970-01-20 06:40:47	Name: TDID Value: 871a21da-bea2-4018-b2cf-d50d0a21bd54
.adsrvr.org/	1970-01-20 06:40:47	Name: TDCPM Value: CAEYBSABKAIyCwjOnbTQh4qHOhAFOAE.
.mathtag.com/	1970-01-20 07:21:06	Name: uuid Value: 7b926166-8ebb-4300-bf9d-540e8f7d3a43
.bidr.io/	1970-01-20 07:23:44	Name: bito Value: AAETGE7CzR0AAGdnqnSYAw
.bidr.io/	1970-01-20 07:23:44	Name: bitoIsSecure Value: ok
.ad.gt/	1970-01-20 15:26:23	Name: last_seeng_hosted Value: 1634111163768
.ad.gt/	1970-01-20 15:26:23	Name: g_hosted Value:
.ad.gt/	1970-01-20 15:26:23	Name: last_seenmediamath Value: 1634111163782
.ad.gt/	1970-01-20 15:26:23	Name: user_id Value: 7b926166-8ebb-4300-bf9d-540e8f7d3a43
.ad.gt/	1970-01-20 15:26:23	Name: last_seenadx Value: 1634111163782
.ad.gt/	1970-01-20 15:26:23	Name: google_gid Value: CAESEByyIcIvkrwwHlrLvH99Juw
.ad.gt/	1970-01-20 15:26:23	Name: first_seenadx Value: 1634111163783
.ad.gt/	1970-01-20 15:26:23	Name: last_seenadnxs Value: 1634111163784
.ad.gt/	1970-01-20 15:26:23	Name: adnxs_id Value: 8198759355348003966
.ad.gt/	1970-01-20 15:26:23	Name: first_seenadnxs Value: 1634111163784
.phrasemix.com/	1970-01-20 15:26:23	Name: _ga Value: GA1.2.127411703.1634111162
.phrasemix.com/	1970-01-19 21:56:37	Name: _gid Value: GA1.2.1184143939.1634111164
.openx.net/	1970-01-20 06:40:47	Name: i Value: d84a4499-a2ee-44f6-a91f-3da115afd07e\|1634111163
.phrasemix.com/	1970-01-20 00:04:47	Name: _fbp Value: fb.1.1634111163987.504539283
.ad.gt/	1970-01-20 15:26:23	Name: last_seentd Value: 1634111163784
.ad.gt/	1970-01-20 15:26:23	Name: tdid Value: 871a21da-bea2-4018-b2cf-d50d0a21bd54
.ad.gt/	1970-01-20 15:26:23	Name: first_seentd Value: 1634111163784
.ad.gt/	1970-01-20 15:26:23	Name: last_seenpbm Value: 1634111163785
.ad.gt/	1970-01-20 15:26:23	Name: pbm Value: E3DF2D4E-1F60-48F6-B147-D214D57D518C
.ad.gt/	1970-01-20 15:26:23	Name: first_seenpbm Value: 1634111163785
.ad.gt/	1970-01-20 15:26:23	Name: last_seenbeeswax Value: 1634111163806
.ad.gt/	1970-01-20 15:26:23	Name: beeswax_id Value: AAETGE7CzR0AAGdnqnSYAw
.ad.gt/	1970-01-20 15:26:23	Name: last_seenhaloid Value: 1634111164031
.ad.gt/	1970-01-20 15:26:23	Name: halo_id Value: 02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl
.ad.gt/	1970-01-20 15:26:23	Name: first_seenhaloid Value: 1634111164031
.ad.gt/	1970-01-20 15:26:23	Name: last_seenopenx Value: 1634111164106
.ad.gt/	1970-01-20 15:26:23	Name: openx_id Value: 22a662a5-82e5-44fd-a032-e11966f72c87
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: d837dfbb46b40c73

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7760d55467f94f668aa04c2682895436.js.ubembed.com
a.ad.gt
a.disquscdn.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.ubembed.com
aufp.io
bam.nr-data.net
cm.g.doubleclick.net
connect.facebook.net
d356qujqspw52j.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
go.disqus.com
googleads.g.doubleclick.net
hb.brainlyads.com
ids.ad.gt
image2.pubmatic.com
js-agent.newrelic.com
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
my.hellobar.com
p.ad.gt
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.zprk.io
pixels.ad.gt
powerad.ai
reporting.powerad.ai
secure.adnxs.com
ssl.google-analytics.com
sync.go.sonobi.com
sync.mathtag.com
tpc.googlesyndication.com
u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.phrasemix.com
13.248.242.197
13.32.23.87
142.250.185.162
142.250.185.226
151.101.2.137
151.101.65.131
162.247.242.19
178.162.133.149
18.211.226.152
185.29.132.245
185.33.221.89
185.64.189.110
199.232.192.134
199.232.194.49
2.18.233.180
23.20.158.212
2606:4700:10::6816:f17
2606:4700:3037::6815:50f3
2606:4700::6812:bcf
2a00:1450:4001:802::2008
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.1.182.12
35.164.229.85
35.244.159.8
52.16.214.249
52.26.206.111
52.40.160.59
54.187.25.111
54.189.240.181
54.234.151.247
65.9.66.64
02880c826ff34986218b767bf6c5f2ff63020b2606ea668c368b1f6f47b602db
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
09c002d1b052a4ef86d61f2c59bf844b6b85d07a8c4f91e00f5fd9382958ff97
0ad16c3d566d24f5a075a637327794d7750d54a9254f61c9468676b4fdf0f456
0ae32ca560a7047a14f3374bb7f976e2aa010ed82b82f680c0bab9633e18e238
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19d4d3d5e3172f77ef83c4748aa730de0a0be0c5bd3ef9ba247b7f9cb6579182
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1d5d49d647f097e0eb5965d7236bb06044421530e3729c4f9383d75ede2444fa
1f94eb71cf009c67542e17854a9b6d64c4aba3c7189af32920057c427eb82cb2
28038f4282c2f53686989b9e102cca1158ebf4da698ba72ce5d42683599865bf
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36bf09966510c5afb5651ded21208a45a98cdf75a44a4e73c0bb982edbbfbce0
389afe573ac58acb154e162f131eb682a89a038187151b22d339015769088d8e
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
3ce4533500502dab8526ed09b242ae6894e9e08d7a1b3b2e40702158f2a6c64b
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
453674eeddb89fe49c4ac962a228b61804d969c930d74b8d787f70eb87ae65a6
4a3121a2b288791cfe7b3fe2108c8d4fa763fdad863760e2cd1b03542bbeb835
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f755dc598f2431fd9096811c85fa8483838e86824d658199ce03a13de765cd7
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
549b3973c0a8893e3be6a7bc5c800b769d1efb25ed3e5a0c261f43086719e451
555c1c51a8840743c8be236e267ba81918a6fe909b1d41ae4b7ea6d7511b1cca
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ed14ef54669d2359722407a9efcb6e2f56d3f918ab07db6f4464dc566c10e65
5f003869ea40391506fd7eab25b534c2f86649e306ec3ffbef17a7889ea06f3a
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
63721156438c4a8fad96c6cb93099d8a59e94706abc4bf0c391b393cff33aa9e
6783d3a744650a8d37b11ef5f4502c1bdafffc5d1ddca2797733ece25ea094ec
6821ba65eed5ce880b9ebe492f40efe87c6141937a279131c97305255ee072ba
6c49881cecaada0deca4c3ccea542f9f43f9ba9e00f67bce701c0c691bf13620
7fdbce53608b4653a27544f16fc260f88e4b1020fb2a06949cf4997e0f0bf29c
8027119f899b59c2af3b0ccb2c7d1323fb3891a1235ab54309fe5337b92cd1c6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b0bd6fb545ec820a4dd555f45b312a6e9d60701d27793471354fbf32c29d04
83f1d23e4e99fa8943b3f9b784f7257854965bf159b60691517af70ccdf23b30
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e3731af076ca9c4d0fc2636f66175e8b0d824c79438e4a60972ea06889f578c
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
952a38f9633c04967d34e0f35b486fa96ef45fc2254eadc231e1cf01bbe47c0e
9da3cc348161962fe78715dc2627b2d71997fdb3a431570e3510c17534d8263b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
adab63b28b5b36a30fe9cd32e36e0d3064a6476f34d56c0589ee388c439493dc
af48c692bf8304446977210f89fc4f1253ffdd85bf106904cea73102ebf149ad
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b6ddf404210d9c94de1d600a05405c5d59ccde7a6cc9f86427a1cbf50ce89569
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
d16e7681642f9c1c9d0427d84e83db414371f516d951125040bff3b24f5fa55b
d5c12600c2eedb11dbdcef87977046a3fc282f936b783659c0f0cb7a0815f3af
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de62b06580aebfaa1f4d99f0e1b79c7764d1807f1e22e221e7ecc5dea7649274
e2c0e9d55139bc0dc1c8bb688e0580e4499aee04c40e98b1a2c030e0c9eac2d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61c91c8900e6ea3474eed7896ee1673d6fa92b1c6177dba6f7295bc8ea22fb4
e7065f14106920d873c6d6369689e390e6c55352d7c0b9bd12b2829f12c1df41
ee691834cd21dd88d42ba9076ea09a72b7c5b3159cb5267c8de9823e984f8331
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3471654909349009fe507499bb85e6fa428d666691ca15dc71ab251a4eb2e57
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
ff28b7571d64891666cf5e59ed17a851e9bb7e372f4103f19f524319481e8f82

www.phrasemix.com Open in urlscan Pro 2606:4700:3037::6815:50f3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

100 %HTTPS

41 %IPv6

32 Domains

44 Subdomains

38 IPs

6 Countries

4555 kBTransfer

7369 kBSize

49 Cookies

16 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.phrasemix.com Open in urlscan Pro
2606:4700:3037::6815:50f3 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

100 %
HTTPS

41 %
IPv6

32
Domains

44
Subdomains

38
IPs

6
Countries

4555 kB
Transfer

7369 kB
Size

49
Cookies

109 HTTP transactions
2 data transactions