d2p1qyxxogka01.cloudfront.net Open in urlscan Pro
2600:9000:2251:c600:18:24b:e840:21  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request bfcm22 Show response d2p1qyxxogka01.cloudfront.net/vpn-offer/	20 KB 7 KB	774ms 727ms	Document text/html	2600:9000:2251:c600:18:24b:e840:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:c600:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash 662c35eb3427330d54e5ccde952f1fe6e9f2026eddad46706fa7c7b0c1697652 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control public, max-age=10800 cf-cache-status MISS cf-ray 84c88f56fe023737-FRA content-encoding gzip content-type text/html date Sun, 28 Jan 2024 10:30:25 GMT expires Sun, 28 Jan 2024 13:30:25 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding via 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) x-amz-cf-id 5XgkzV-2KDtl6tYdYx6Hys1HKU7b_Jrb3SYzvAAAee65Vj7CMEd5-A== x-amz-cf-pop FRA60-P3 x-cache Error from cloudfront
GET H2	200	10021806-10024900.js Show response cdn-3.convertexperiments.com/js/	235 KB 70 KB	64ms 33ms	Script application/javascript	23.45.239.78 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cdn-3.convertexperiments.com/js/10021806-10024900.js Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.45.239.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-45-239-78.deploy.static.akamaitechnologies.com Software / Resource Hash d5c871dca41be7553578705c5a80b9595a28209e2cd6230b8aacc27d0d1b956a Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:25 GMT content-encoding gzip strict-transport-security max-age=15768000 vary Accept-Encoding content-type application/javascript cache-control public, max-age=239 x-privacy-policy You can find our privacy policy at https://www.convert.com/privacy-notice/ content-length 71744
GET H2	200	common.css d2p1qyxxogka01.cloudfront.net/css/	73 KB 14 KB	51ms 51ms	Stylesheet text/css	2600:9000:2251:c600:18:24b:e840:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2p1qyxxogka01.cloudfront.net/css/common.css?1705292620 Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:c600:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash 092c758c92e4c687aa51390c4753eb562fb7205b59868143f4d3eb93cea1468c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via hotspotshield-5699cb5b99-s8czp, 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT content-encoding gzip x-amz-cf-pop FRA60-P3 cf-polished origSize=74371 age 1135263 x-cache Miss from cloudfront cf-bgj minify last-modified Mon, 15 Jan 2024 04:23:25 GMT server cloudflare etag W/"65a4b33d-12283" x-frame-options DENY vary Accept-Encoding content-type text/css cache-control public, max-age=10800 cf-ray 84c88f5b9ac62bad-FRA x-amz-cf-id LXrNILOFvPVZqztoYnRrvC9MxoWUVuoyrl0QDT5fmYbpGyxU3t4Czw== expires Sun, 28 Jan 2024 13:30:25 GMT
GET H2	200	OtAutoBlock.js Show response cdn.cookielaw.org/consent/48c39b6c-a8c7-4b27-a89a-23c44d19b9d4/	8 KB 3 KB	55ms 31ms	Script application/x-javascript	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/48c39b6c-a8c7-4b27-a89a-23c44d19b9d4/OtAutoBlock.js Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf3ce5b9c155f50a8c5561990807d9b5352b57f1264e172db336badda6a33f22 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 10:30:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 79508 content-md5 4nelhzTRwUszhranT+PRvA== content-length 2562 x-ms-lease-status unlocked last-modified Mon, 18 Dec 2023 15:21:00 GMT server cloudflare etag 0x8DBFFDCF1080548 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 85124813-c01e-0042-76ff-328003000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84c88f5b99e05b74-FRA expires Mon, 29 Jan 2024 10:30:25 GMT
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	43ms 19ms	Script application/javascript	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 10:30:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 dulN1EiikhiO8GlkrdtHlg== age 24358 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6838 x-ms-lease-status unlocked last-modified Thu, 25 Jan 2024 20:55:19 GMT server cloudflare etag 0x8DC1DE7F0BAF2A8 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 9ff1c125-801e-000e-6504-501033000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84c88f5b99e15b74-FRA
GET H2	200	hotspot-shield-logo.1.0.0.svg d2p1qyxxogka01.cloudfront.net/imgs/	8 KB 4 KB	31ms 31ms	Image image/svg+xml	2600:9000:2251:c600:18:24b:e840:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2p1qyxxogka01.cloudfront.net/imgs/hotspot-shield-logo.1.0.0.svg Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:c600:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash b81756e4bd1365fb0963bd2aab245b9d50082ebc7c6c624c62a7f2b4c4bcc9f5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:25 GMT via hotspotshield-5699cb5b99-fmj62, 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status HIT content-encoding gzip x-amz-cf-pop FRA60-P3 age 1142130 x-cache Miss from cloudfront last-modified Mon, 15 Jan 2024 04:22:18 GMT server cloudflare etag W/"65a4b2fa-2112" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=2678400 cf-ray 84c88f5b7ae83737-FRA x-amz-cf-id jIMvk_5lMmwrTurHI5SerYebr92rgbcWm2KluNK3qnTzzMxJuJNdRg== expires Wed, 28 Feb 2024 10:30:25 GMT
GET H2	200	hss-full-logo-light.svg d2p1qyxxogka01.cloudfront.net/imgs/	8 KB 4 KB	53ms 53ms	Image image/svg+xml	2600:9000:2251:c600:18:24b:e840:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2p1qyxxogka01.cloudfront.net/imgs/hss-full-logo-light.svg Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:c600:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash 91c002728c91bf09e90a2dec9647e0106d515dd4296bc9073d16f7d734620257 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:25 GMT via hotspotshield-5699cb5b99-n9kkz, 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status HIT content-encoding gzip x-amz-cf-pop FRA60-P3 age 1134134 x-cache Miss from cloudfront last-modified Mon, 15 Jan 2024 04:22:18 GMT server cloudflare etag W/"65a4b2fa-216b" x-frame-options DENY vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=2678400 cf-ray 84c88f5b9e1b9a09-FRA x-amz-cf-id qlEapBLzQEmkUoVCQAshPmPGBCieedxZBLiLuK5OgPLnd9krKnlstg== expires Wed, 28 Feb 2024 10:30:25 GMT
GET H2	200	gpr.min.js Show response d2p1qyxxogka01.cloudfront.net/js/	43 KB 14 KB	49ms 49ms	Script application/javascript	2600:9000:2251:c600:18:24b:e840:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2p1qyxxogka01.cloudfront.net/js/gpr.min.js?1705292620 Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:c600:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash 4f9d49b8aa45355c88c67e58836cdeee42192442cb1c57025c70616c7149828c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:25 GMT via hotspotshield-5699cb5b99-fmj62, 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status HIT content-encoding gzip x-amz-cf-pop FRA60-P3 age 1138320 x-cache Miss from cloudfront last-modified Mon, 15 Jan 2024 04:23:17 GMT server cloudflare etag W/"65a4b335-acaa" x-frame-options DENY vary Accept-Encoding content-type application/javascript cache-control public, max-age=10800 cf-ray 84c88f5bcb965be5-FRA x-amz-cf-id CZqXtMOt6Ik_gCEivTt81ltDa44E7Y-UYL-4TEwH420mS7ZseJV6aQ== expires Sun, 28 Jan 2024 13:30:25 GMT
GET H2	200	common.js Show response d2p1qyxxogka01.cloudfront.net/js/	145 KB 39 KB	37ms 37ms	Script application/javascript	2600:9000:2251:c600:18:24b:e840:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2p1qyxxogka01.cloudfront.net/js/common.js?1705292620 Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:c600:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash 4714e3b0a5ab163f2db139cfd0d7d845b75b17bfe33ff43199638041d532edb7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via hotspotshield-5699cb5b99-n9kkz, 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT content-encoding gzip x-amz-cf-pop FRA60-P3 cf-polished origSize=148247 age 1142130 x-cache Miss from cloudfront cf-bgj minify last-modified Mon, 15 Jan 2024 04:23:34 GMT server cloudflare etag W/"65a4b346-24317" x-frame-options DENY vary Accept-Encoding content-type application/javascript cache-control public, max-age=10800 cf-ray 84c88f5bfb593737-FRA x-amz-cf-id TKdBoKo8qpnb8s1grt1xtdLmcYfjNua8H2bFBTmAX0RXwWKDWBdfgw== expires Sun, 28 Jan 2024 13:30:25 GMT
GET H2	200	v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	67ms 41ms	Script text/javascript	2606:4700::6810:3865 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Request headers Referer https://d2p1qyxxogka01.cloudfront.net/ Origin https://d2p1qyxxogka01.cloudfront.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:25 GMT content-encoding gzip last-modified Tue, 10 Oct 2023 21:38:13 GMT server cloudflare etag W/"2023.10.0" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 84c88f5c3fed6901-FRA
GET H2	200	48c39b6c-a8c7-4b27-a89a-23c44d19b9d4.json Show response cdn.cookielaw.org/consent/48c39b6c-a8c7-4b27-a89a-23c44d19b9d4/	5 KB 2 KB	93ms 78ms	XHR application/x-javascript	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/48c39b6c-a8c7-4b27-a89a-23c44d19b9d4/48c39b6c-a8c7-4b27-a89a-23c44d19b9d4.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5b683def84ba6a459f655f4bc7163da5b92f7305f1c40dc9aee38e693426426 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 10:30:26 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 rS+KLhcZqLOrs6f+kIe79Q== content-length 1697 x-ms-lease-status unlocked last-modified Mon, 18 Dec 2023 15:21:00 GMT server cloudflare etag 0x8DBFFDCF0D479BE vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id e555e41c-701e-0068-19d5-515f13000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84c88f5c1eedbb71-FRA expires Mon, 29 Jan 2024 10:30:26 GMT
GET H2	200	hotjar-2642895.js Show response static.hotjar.com/c/	9 KB 4 KB	41ms 15ms	Script application/javascript	18.154.63.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2642895.js?sv=6 Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.154.63.67 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-154-63-67.dus51.r.cloudfront.net Software / Resource Hash 265f0926990bb719a2682005f13d009325ca08c83f1c4337381a38b4d1aa6893 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Sun, 28 Jan 2024 10:30:25 GMT via 1.1 3d19c1786985b405e94150c01ee7e35e.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-P4 age 37 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/3503067a2c07c2531279d6eb4b1f6e4c vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 x-amz-cf-id iGHTU5hQjGpjprhmu9-_ebeOs3p4Zh_jZQ-yI2xDxsw5BgxvIul0lA==
GET H2	200	j.php Show response dev.visualwebsiteoptimizer.com/	3 KB 2 KB	66ms 33ms	Script application/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/j.php?a=589987&u=https%3A%2F%2Fd2p1qyxxogka01.cloudfront.net%2Fvpn-offer%2Fbfcm22&f=1&r=0.207440062789507 Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gams1 / Resource Hash 8d459f047128e86a7ff88cd1435998a31125638f83910a395a2358e1b36681b8 Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:25 GMT content-encoding gzip via 1.1 google server gams1 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0, no-cache, must-revalidate timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	sparkle@2x.png d2p1qyxxogka01.cloudfront.net/imgs/bg/	3 KB 3 KB	68ms 68ms	Image image/png	2600:9000:2251:c600:18:24b:e840:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2p1qyxxogka01.cloudfront.net/imgs/bg/sparkle@2x.png Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/css/common.css?1705292620 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:c600:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash 077a74f9ebdc4e1b4b69b6e804c30f6128f8e6de6324cc9eda34af6e6b356690 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/css/common.css?1705292620 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:25 GMT via hotspotshield-5699cb5b99-n6gx6, 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status HIT x-amz-cf-pop FRA60-P3 age 1095684 x-cache Miss from cloudfront content-length 2639 last-modified Mon, 15 Jan 2024 04:22:18 GMT server cloudflare etag "65a4b2fa-a4f" x-frame-options DENY vary Accept-Encoding content-type image/png cache-control public, max-age=2678400 accept-ranges bytes cf-ray 84c88f5c3c5d5d3c-FRA x-amz-cf-id UfiBw0ohYFBKj8kGL-qKqwhFNDzmO_MEQ7p3fIoVDoLEBs9XVH7YvQ== expires Wed, 28 Feb 2024 10:30:25 GMT
GET H2	200	39D315_1_0.woff2 d2p1qyxxogka01.cloudfront.net/webfonts/	46 KB 46 KB	864ms 864ms	Font font/woff2	2600:9000:2251:c600:18:24b:e840:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2p1qyxxogka01.cloudfront.net/webfonts/39D315_1_0.woff2 Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/css/common.css?1705292620 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:c600:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash cfd331c3d10a660b39bf355bae991de859464d729b4480954aa56d7591b207f4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://d2p1qyxxogka01.cloudfront.net/css/common.css?1705292620 Origin https://d2p1qyxxogka01.cloudfront.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:26 GMT via hotspotshield-5699cb5b99-np9bw, 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status MISS x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront content-length 46601 last-modified Mon, 15 Jan 2024 04:22:18 GMT server cloudflare etag "65a4b2fa-b609" x-frame-options DENY vary Accept-Encoding content-type font/woff2 cache-control public, max-age=2678400 accept-ranges bytes cf-ray 84c88f5c2ec03aa3-FRA x-amz-cf-id AjWxh_FUfOEA-XI8H2dl8fSHzle8S7pI9JF0Rvu80Nxt5h9PV_Krbg== expires Wed, 28 Feb 2024 10:30:26 GMT
GET H2	200	39D315_2_0.woff2 d2p1qyxxogka01.cloudfront.net/webfonts/	46 KB 46 KB	286ms 286ms	Font font/woff2	2600:9000:2251:c600:18:24b:e840:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2p1qyxxogka01.cloudfront.net/webfonts/39D315_2_0.woff2 Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/css/common.css?1705292620 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:c600:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash d9af3f23bc4141fd78d1f803e1feda045f24c7273b8a643d331ee3ef982908e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://d2p1qyxxogka01.cloudfront.net/css/common.css?1705292620 Origin https://d2p1qyxxogka01.cloudfront.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:26 GMT via hotspotshield-5699cb5b99-n9kkz, 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status MISS x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront content-length 46878 last-modified Mon, 15 Jan 2024 04:22:18 GMT server cloudflare etag "65a4b2fa-b71e" x-frame-options DENY vary Accept-Encoding content-type font/woff2 cache-control public, max-age=2678400 accept-ranges bytes cf-ray 84c88f5c38926ab8-FRA x-amz-cf-id UKOLkwfYWQHePmbim9tWuzvU5-o6zkdBCBPLL-tHKiGIM8nrDUataw== expires Wed, 28 Feb 2024 10:30:26 GMT
GET H2	200	modules.0c2aac1b2d1ba79f2a01.js Show response script.hotjar.com/	219 KB 55 KB	36ms 10ms	Script application/javascript	18.173.233.11 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.0c2aac1b2d1ba79f2a01.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2642895.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.233.11 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-233-11.dus51.r.cloudfront.net Software / Resource Hash 8788c5e11fcbe23813fdd727053b5311df2f922c7c2b76f318ce28409186910f Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Wed, 24 Jan 2024 15:40:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 0ff344318780e69ac3266c8bf539c810.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-P3 age 327019 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55804 last-modified Wed, 24 Jan 2024 15:39:41 GMT etag "252eda316b5dfe5750655c881f809a75" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id WxIpMntJ_amDciaJaz78MmsZF5JjMFdgX9BAIEFotE9z-2ecsG7uSA==
GET H2	200	v.gif dev.visualwebsiteoptimizer.com/	35 B 145 B	220ms 220ms	Image image/gif	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=589987&d=d2p1qyxxogka01.cloudfront.net&u=D1E7B47AF9A1CE6CFDB5C996AAED62EFB&h=9e6e5ce00818f327b0a75004e839335e&t=false Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gnv2c / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:25 GMT via 1.1 google x-content-type-options nosniff server gnv2c content-type image/gif access-control-allow-origin * cache-control public, max-age=43200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35
POST		gpr www/	0 0
GET H2	200	set-cookies order.hotspotshield.com/gdpr/agreement/	43 B 899 B	1001ms 690ms	Image image/gif	2600:9000:2315:c800:18:7807:44c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://order.hotspotshield.com/gdpr/agreement/set-cookies?af_params[0][name]=hprchs_vstr_hsh&af_params[0][value]=ext4000d7d0-bdc8-11ee-852a-b5ef30868f9b Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:c800:18:7807:44c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options DENY, ALLOW-FROM https://hsselite.zendesk.com/ Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront) afs fc3f7383251fd4b5e4e78557f3d04a56 server nginx x-amz-cf-pop DUS51-P2 x-frame-options DENY, ALLOW-FROM https://hsselite.zendesk.com/ content-security-policy-report-only default-src https:; connect-src https: wss:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri https://www.hsselite.com/csp-report content-type image/gif access-control-allow-origin * x-cache Miss from cloudfront p3p CP="Dummy p3p policy" cache-control no-cache, private access-control-allow-credentials true x-amz-cf-id lFIXDyW_D0vAhuEfbAlqQKqgp1ZEKNA6WsXdmBjDOOumUvF8vsl1hQ==
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	59 B 295 B	292ms 22ms	XHR application/json	2606:4700:4400::ac40:9b77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://d2p1qyxxogka01.cloudfront.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 84c88f5e7c0e92ba-FRA access-control-allow-headers Content-Type
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202312.1.0/	428 KB 104 KB	24ms 23ms	Script application/javascript	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b3f3e1b209eebcd0ae7a1d19aa7d7bc6a7753995a2e412a5933c97dbe040112f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 10:30:26 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 NgWSX+Cq7lSczucQPtQGiA== age 55089 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 106373 x-ms-lease-status unlocked last-modified Wed, 10 Jan 2024 03:41:47 GMT server cloudflare etag 0x8DC118E12803BCF vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id f6bb5f8b-301e-000b-1df8-43c2e8000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84c88f5e9c2e5b74-FRA
GET H2	200	en.json Show response cdn.cookielaw.org/consent/48c39b6c-a8c7-4b27-a89a-23c44d19b9d4/b16d972c-8e16-4a6f-99ea-d4ece089d6cb/	56 KB 14 KB	59ms 59ms	Fetch application/x-javascript	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/48c39b6c-a8c7-4b27-a89a-23c44d19b9d4/b16d972c-8e16-4a6f-99ea-d4ece089d6cb/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 617478c301089582ad54eed10b91ce7b030806cc8b70fde950337891d43f5b35 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 10:30:26 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains; preload content-md5 ulf7p6pfduSiMhbG8UzAPA== content-length 14155 x-ms-lease-status unlocked last-modified Mon, 18 Dec 2023 15:21:02 GMT server cloudflare etag 0x8DBFFDCF2843474 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 0564d11d-401e-0073-73d5-516110000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84c88f5ed996bb71-FRA expires Mon, 29 Jan 2024 10:30:26 GMT
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/202312.1.0/assets/	13 KB 3 KB	60ms 59ms	Fetch application/json	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 10:30:26 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS content-md5 tWkS8T7E+veM7Z58xlBheA== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 3017 x-ms-lease-status unlocked last-modified Wed, 10 Jan 2024 03:41:38 GMT server cloudflare etag 0x8DC118E0D158D63 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 0b18b362-f01e-0004-41d5-51b484000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84c88f5f49f0bb71-FRA
GET H2	200	otPcPanel.json Show response cdn.cookielaw.org/scripttemplates/202312.1.0/assets/v2/	64 KB 13 KB	111ms 110ms	Fetch application/json	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/v2/otPcPanel.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash badf35905761263dade3a1d625565f9ab8329d92bdf4f16894d0e54399c6ab58 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 10:30:26 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS content-md5 x59kFomFNn5ljzKYKvGvNA== strict-transport-security max-age=31536000; includeSubDomains; preload content-length 12861 x-ms-lease-status unlocked last-modified Wed, 10 Jan 2024 03:41:41 GMT server cloudflare etag 0x8DC118E0EF0BDEE vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id beff8c09-301e-009d-1ed5-51cb39000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84c88f5f49f2bb71-FRA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202312.1.0/assets/	21 KB 4 KB	56ms 56ms	Fetch text/css	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202312.1.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 10:30:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding gzip content-md5 c7xAZ9MSGAobGaTYg/Qtag== x-ms-lease-status unlocked last-modified Wed, 10 Jan 2024 03:41:52 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id ece3511e-f01e-0066-5ad5-5176a3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 84c88f5f49f3bb71-FRA
GET H3	200	j.php Show response dev.visualwebsiteoptimizer.com/	3 KB 1 KB	19ms 18ms	Script application/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/j.php?a=589987&u=https%3A%2F%2Fd2p1qyxxogka01.cloudfront.net%2Fvpn-offer%2Fbfcm22&f=1&r=0.207440062789507 Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gams1 / Resource Hash ac9cbdc9ef6907e289ce4485945ca1fe18f2e77babb0fb4605f9418600c934c8 Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:26 GMT content-encoding gzip via 1.1 google server gams1 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0, no-cache, must-revalidate timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	39D315_0_0.woff2 d2p1qyxxogka01.cloudfront.net/webfonts/	46 KB 47 KB	845ms 845ms	Font font/woff2	2600:9000:2251:c600:18:24b:e840:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2p1qyxxogka01.cloudfront.net/webfonts/39D315_0_0.woff2 Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/css/common.css?1705292620 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:c600:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash c409b7649c6d470ad2eaa9704469a61457875d9989341632741a76fa87cac256 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://d2p1qyxxogka01.cloudfront.net/css/common.css?1705292620 Origin https://d2p1qyxxogka01.cloudfront.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:27 GMT via hotspotshield-5699cb5b99-s8czp, 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status MISS x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront content-length 47054 last-modified Mon, 15 Jan 2024 04:22:18 GMT server cloudflare etag "65a4b2fa-b7ce" x-frame-options DENY vary Accept-Encoding content-type font/woff2 cache-control public, max-age=2678400 accept-ranges bytes cf-ray 84c88f602cfc7185-FRA x-amz-cf-id fxLm42Ovl7pMth2Lr-E-APy5tz9HUByrnm6fgD3vX0lbNe3cz6_mxw== expires Wed, 28 Feb 2024 10:30:27 GMT
GET H2	200	ot_guard_logo.svg Show response cdn.cookielaw.org/logos/static/	497 B 488 B	51ms 51ms	Fetch image/svg+xml	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202312.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 10:30:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding gzip content-md5 tXyZydHjxQshFMbbBT1/8A== x-ms-lease-status unlocked last-modified Thu, 25 Jan 2024 20:55:21 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id fb50a06d-b01e-0067-5ed5-51297f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 84c88f600ab5bb71-FRA
GET H2	200	HSS_Logo-Landscape.png cdn.cookielaw.org/logos/ee5fbca2-6c66-4ce3-a9d2-eef632441675/06c6e665-9f90-4907-bfce-55141e641004/98fcb6a0-f0d0-4a84-8d37-af5d80310de4/	18 KB 18 KB	30ms 30ms	Image image/png	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/ee5fbca2-6c66-4ce3-a9d2-eef632441675/06c6e665-9f90-4907-bfce-55141e641004/98fcb6a0-f0d0-4a84-8d37-af5d80310de4/HSS_Logo-Landscape.png Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbc119fef30d62010b974bf68ed5858739091b65accb96251634c0c5999db298 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 10:30:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-md5 aqp0bVhSMXm6ulD3NBo+dg== age 58840 content-length 18106 x-ms-lease-status unlocked last-modified Mon, 24 Jul 2023 14:44:46 GMT server cloudflare etag 0x8DB8C54864B18C6 vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 21d3ce5c-001e-003f-1ba9-21f120000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 84c88f601d535b74-FRA
GET H2	200	powered_by_logo.svg cdn.cookielaw.org/logos/static/	5 KB 2 KB	18ms 18ms	Image image/svg+xml	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/powered_by_logo.svg Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 28 Jan 2024 10:30:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 Y+c301RBZNK39PvKQWrIBw== age 23976 x-ms-lease-status unlocked last-modified Thu, 25 Jan 2024 20:55:22 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 9f383b3d-d01e-003c-600b-501044000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 84c88f601d555b74-FRA
GET H3	200	v.gif dev.visualwebsiteoptimizer.com/	35 B 51 B	98ms 98ms	Image image/gif	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=589987&d=d2p1qyxxogka01.cloudfront.net&u=D1E7B47AF9A1CE6CFDB5C996AAED62EFB&h=9e6e5ce00818f327b0a75004e839335e&t=true Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gnv2c / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:26 GMT via 1.1 google x-content-type-options nosniff server gnv2c content-type image/gif access-control-allow-origin * cache-control public, max-age=43200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35
GET H2	200	gdpr-v2.js Show response d2p1qyxxogka01.cloudfront.net/js/	9 KB 4 KB	44ms 44ms	Script application/javascript	2600:9000:2251:c600:18:24b:e840:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2p1qyxxogka01.cloudfront.net/js/gdpr-v2.js?1705292620 Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:c600:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash ec2c59314d07a482f806cd88059395b3f36b4316d7b54ee321207e8bbd2da6a6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:27 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via hotspotshield-5699cb5b99-fmj62, 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT content-encoding gzip x-amz-cf-pop FRA60-P3 cf-polished origSize=11355 age 1144481 x-cache Miss from cloudfront cf-bgj minify last-modified Mon, 15 Jan 2024 04:23:15 GMT server cloudflare etag W/"65a4b333-2c5b" x-frame-options DENY vary Accept-Encoding content-type application/javascript cache-control public, max-age=10800 cf-ray 84c88f657ff15d67-FRA x-amz-cf-id qM9yvlG1j2ncpQUDBpVt0VEbKhr3HCKs2Ave5FnOWLot9A73MhAlWg== expires Sun, 28 Jan 2024 13:30:27 GMT
POST		gpr www/	0 0
POST H2	403	rum Show response d2p1qyxxogka01.cloudfront.net/cdn-cgi/	919 B 1 KB	8ms 7ms	XHR text/html	2600:9000:2251:c600:18:24b:e840:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2p1qyxxogka01.cloudfront.net/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:c600:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 946165fa60622191faffdc9a2cd7017970866199ccd6f3f7d32e56285e0a3034 Request headers Referer https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 content-type application/json Response headers date Sun, 28 Jan 2024 10:30:27 GMT via 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA60-P3 x-cache Error from cloudfront content-type text/html content-length 919 x-amz-cf-id LWPLl8_svTGSI-ZBZowHZXjC4wag3VurVTr3CwHHunT6MPHqUnAbOA==
GET H2	200	gdpr.init.js Show response d2p1qyxxogka01.cloudfront.net/js/	262 B 802 B	65ms 65ms	Script application/javascript	2600:9000:2251:c600:18:24b:e840:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2p1qyxxogka01.cloudfront.net/js/gdpr.init.js?1705292620 Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:c600:18:24b:e840:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash 2bea68f09c74e9a8b46ebb75ade8cd87443c5f1918691857ae61fb313a5b11d6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:27 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via hotspotshield-5699cb5b99-s8czp, 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT content-encoding gzip x-amz-cf-pop FRA60-P3 cf-polished origSize=338 age 442674 x-cache Miss from cloudfront cf-bgj minify last-modified Mon, 15 Jan 2024 04:22:18 GMT server cloudflare etag W/"65a4b2fa-152" x-frame-options DENY vary Accept-Encoding content-type application/javascript cache-control public, max-age=10800 cf-ray 84c88f65bc0b2c45-FRA x-amz-cf-id -Gu4oGqenSLBdq_UGQ_FMDKiUfzCFAjKVw8P97A47FV_CVhac7ioig== expires Sun, 28 Jan 2024 13:30:27 GMT
GET H2	200	raven.min.js Show response cdn.ravenjs.com/3.17.0/	25 KB 10 KB	26ms 7ms	Script application/javascript	2a04:4e42::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.ravenjs.com/3.17.0/raven.min.js Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/js/gdpr-v2.js?1705292620 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74 Request headers Referer https://d2p1qyxxogka01.cloudfront.net/ Origin https://d2p1qyxxogka01.cloudfront.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:27 GMT content-encoding gzip last-modified Thu, 13 Jul 2017 16:58:06 GMT server Fastly age 17564 etag "51d6eff0ea5151f41fa0e2f3310fc7c7" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * content-length 9634
GET H2	200	gtm.js Show response www.googletagmanager.com/	301 KB 103 KB	50ms 29ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-T2M4SV5 Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/js/gdpr-v2.js?1705292620 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4d1c35159b80a48bda504e5c0c0c8711432962e36904200eca11ad4d6cb1ed31 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:27 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 104848 x-xss-protection 0 last-modified Sun, 28 Jan 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 28 Jan 2024 10:30:27 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	252 KB 86 KB	27ms 26ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-DELK9F8HW3&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2M4SV5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b2ce809e8c38c24d8fbb51b7f0e3327c09a8ba067cefa2daeb4f2682b40ba150 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:27 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 87822 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 28 Jan 2024 10:30:27 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	28ms 7ms	Script text/javascript	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2M4SV5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 28 Jan 2024 09:48:09 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 2538 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 28 Jan 2024 11:48:09 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	56ms 30ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2M4SV5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Sun, 28 Jan 2024 10:30:27 GMT last-modified Fri, 10 Nov 2023 20:09:55 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 28B6680307E845AAA0B3BD9FF84A5D34 Ref B: FRAEDGE1719 Ref C: 2024-01-28T10:30:27Z etag "80abcdf1114da1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13175
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/714949573/	3 KB 2 KB	65ms 44ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/714949573/?random=1706437827622&cv=11&fst=1706437827622&bg=ffffff&guid=ON&async=1&gtm=45He41o0v77009789&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fd2p1qyxxogka01.cloudfront.net%2Fvpn-offer%2Fbfcm22&hn=www.googleadservices.com&frm=0&tiba=404%20Page%20Not%20Found%20%7C%20Hotspot%20Shield&pscdl=noapi&auid=1900696044.1706437828&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2M4SV5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f3573d86eb83342145c16791be57da08c1bce01ecec81c2f183890990af501fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 10:30:27 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1285 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	diffuser.js Show response diffuser-cdn.app-us1.com/diffuser/	31 KB 7 KB	56ms 23ms	Script application/javascript	2606:4700::6810:b0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:b0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:27 GMT content-encoding gzip via 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront) cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop FRA60-P2 age 53 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Tue, 04 Apr 2023 18:58:37 GMT server cloudflare etag W/"613257bb316d347d9417023321c6d62f" vary Accept-Encoding content-type application/javascript cache-control public, max-age=300 cf-ray 84c88f66ec97bbc1-FRA x-amz-cf-id YVxnSRxhz9AxxbpjFFFhf82T-TMWI7dzUS3pSkiYOMAlZha838SqUw==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	213 KB 58 KB	27ms 9ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 28 Jan 2024 10:30:27 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57158 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0" pragma public x-fb-debug XZK9CXwShRv5FHukuioLlKcj0WO0mCd5ayJ2tdsgfEEvfjqHUdNV0yZBgp9g+i9WAYLHaKaJgiF3KMS9oDmyIw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	4 KB 2 KB	230ms 138ms	Script application/javascript	104.126.37.147 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE9O4AJC77UA05ON0BI0&lib=ttq Requested by Host: d2p1qyxxogka01.cloudfront.net URL: https://d2p1qyxxogka01.cloudfront.net/vpn-offer/bfcm22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-147.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 946316ce442fff2e21a2b6032cdb83ec01c85227955f34167e3b742dc0c2a7a9 Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-akamai-request-id afb0005c.1eb9ad76 date Sun, 28 Jan 2024 10:30:27 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24012810302784232F342368161BB330-099EC238BBB65548-00 x-cache TCP_MISS from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-) x-parent-response-time 111,104.126.37.143 server-timing cdn-cache; desc=MISS, edge; dur=105, origin; dur=8, inner; dur=3 content-length 1341 pragma no-cache server nginx x-tt-logid 2024012810302784232F342368161BB330 x-cache-remote TCP_MISS from a23-220-105-211.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 8,23.220.105.211 x-tt-trace-host 01f6be43465a12ed6f674215fbfc8fb5f0160f890ba6e0657354566b6c4cc2a2137b7582854b69d5868e095884d9ef5306e3284f8824f5c228d55d0fc8fe7ecf12eeef694298c1d06d552958c44e32968adfd87056242b8dee1e67735674bf7e380cade63318bf6d77e40e635be2f3d653 expires Sun, 28 Jan 2024 10:30:27 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 219 B	14ms 14ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=759054365&t=pageview&_s=1&dl=https%3A%2F%2Fd2p1qyxxogka01.cloudfront.net%2Fvpn-offer%2Fbfcm22&ul=en-us&de=UTF-8&dt=404%20Page%20Not%20Found%20%7C%20Hotspot%20Shield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAEK~&jid=2019989817&gjid=2986923&cid=1854395684.1706437828&tid=UA-246226-92&_gid=1295368277.1706437828&_r=1&_slc=1&gtm=45He41o0n81T2M4SV5v77009789&cd6=1706437827618.6ggvuoak&cd7=1706437827&cd8=ext4000d7d0-bdc8-11ee-852a-b5ef30868f9b&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd5=1854395684.1706437828&z=1025892405 Requested by Host: cdn.ravenjs.com URL: https://cdn.ravenjs.com/3.17.0/raven.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://d2p1qyxxogka01.cloudfront.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Jan 2024 10:30:27 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://d2p1qyxxogka01.cloudfront.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 264 B	39ms 15ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-DELK9F8HW3&gtm=45je41o0v9120696703z877009789&_p=1706437827527&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1854395684.1706437828&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706437827&sct=1&seg=0&dl=https%3A%2F%2Fd2p1qyxxogka01.cloudfront.net%2Fvpn-offer%2Fbfcm22&dt=404%20Page%20Not%20Found%20%7C%20Hotspot%20Shield&en=page_view&_fv=1&_ss=1&tfd=2641 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DELK9F8HW3&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 10:30:27 GMT server Golfe2 content-type text/plain access-control-allow-origin https://d2p1qyxxogka01.cloudfront.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 359 B	53ms 18ms	XHR text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-246226-92&cid=1854395684.1706437828&jid=2019989817&gjid=2986923&_gid=1295368277.1706437828&_u=YGBACEAABAAAACAEK~&z=1504664387 Requested by Host: cdn.ravenjs.com URL: https://cdn.ravenjs.com/3.17.0/raven.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://d2p1qyxxogka01.cloudfront.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sun, 28 Jan 2024 10:30:27 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://d2p1qyxxogka01.cloudfront.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1142332929694473 Show response connect.facebook.net/signals/config/	61 KB 13 KB	150ms 150ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1142332929694473?v=2.9.143&r=stable&domain=d2p1qyxxogka01.cloudfront.net&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 24090d8230232f2a050c603132fbe8c63c4f39b726596856960aaa70d0378de4 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 28 Jan 2024 10:30:27 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0" pragma public x-fb-debug m5qiuhJ5h4n1Y56NJ6nQ4s/NRldI2sXh51oGAan5VP1N9VHytm+89RBh4wFfiXyviGY9TbersHi81a+iVbGpEw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/714949573/	42 B 455 B	43ms 20ms	Image image/gif	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/714949573/?random=1706437827622&cv=11&fst=1706436000000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v77009789&u_w=1600&u_h=1200&url=https%3A%2F%2Fd2p1qyxxogka01.cloudfront.net%2Fvpn-offer%2Fbfcm22&frm=0&tiba=404%20Page%20Not%20Found%20%7C%20Hotspot%20Shield&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_dvhwNKPHJzpL2DiSFMUB6Pi7Vwh3Zg&random=2407670036&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 10:30:27 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/714949573/	42 B 455 B	45ms 22ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/714949573/?random=1706437827622&cv=11&fst=1706436000000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v77009789&u_w=1600&u_h=1200&url=https%3A%2F%2Fd2p1qyxxogka01.cloudfront.net%2Fvpn-offer%2Fbfcm22&frm=0&tiba=404%20Page%20Not%20Found%20%7C%20Hotspot%20Shield&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_dvhwNKPHJzpL2DiSFMUB6Pi7Vwh3Zg&random=2407670036&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 10:30:27 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	52013101.js Show response bat.bing.com/p/action/	0 116 B	33ms 32ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/52013101.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Sun, 28 Jan 2024 10:30:27 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: A23C540CAE7A47B29CCA6D265DEAC13A Ref B: FRAEDGE1719 Ref C: 2024-01-28T10:30:27Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 286 B	85ms 85ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=52013101&tm=gtm002&Ver=2&mid=724d5450-d259-4eb8-9f4c-00d740350119&sid=4106c840bdc811eeb8edd1eb29ede572&vid=4106fa00bdc811eea717473a675f6ef5&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=404%20Page%20Not%20Found%20%7C%20Hotspot%20Shield&p=https%3A%2F%2Fd2p1qyxxogka01.cloudfront.net%2Fvpn-offer%2Fbfcm22&r=&lt=2367&evt=pageLoad&sv=1&rn=576086 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 28 Jan 2024 10:30:27 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 89549C54FC034DBE97DEFEC73B392814 Ref B: FRAEDGE1719 Ref C: 2024-01-28T10:30:27Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response prism.app-us1.com/	0 307 B	270ms 235ms	Script application/javascript	2606:4700::6810:b0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prism.app-us1.com/?a=800646021&u=https%3A%2F%2Fd2p1qyxxogka01.cloudfront.net%2Fvpn-offer%2Fbfcm22 Requested by Host: diffuser-cdn.app-us1.com URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:b0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.1.25 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers date Sun, 28 Jan 2024 10:30:27 GMT strict-transport-security max-age=31536000; includeSubDomains cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/8.1.25 content-type application/javascript cache-control no-cache, private x-envoy-upstream-service-time 115 cf-ray 84c88f6778803a60-FRA content-length 0
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	34ms 34ms	Image image/gif	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-246226-92&cid=1854395684.1706437828&jid=2019989817&_u=YGBACEAABAAAACAEK~&z=1363791121 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 10:30:27 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	33ms 33ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-246226-92&cid=1854395684.1706437828&jid=2019989817&_u=YGBACEAABAAAACAEK~&z=1363791121 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers pragma no-cache date Sun, 28 Jan 2024 10:30:27 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	26ms 8ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1142332929694473&ev=PageView&dl=https%3A%2F%2Fd2p1qyxxogka01.cloudfront.net%2Fvpn-offer%2Fbfcm22&rl=&if=false&ts=1706437827872&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.2.1706437827870.1877162876&cs_est=true&ler=empty&cdl=API_unavailable&it=1706437827708&coo=false&exp=d1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sun, 28 Jan 2024 10:30:27 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	main.MTU3YmJkODI0MA.js Show response analytics.tiktok.com/i18n/pixel/static/	379 KB 102 KB	61ms 61ms	Script application/javascript	104.126.37.147 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE9O4AJC77UA05ON0BI0&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-147.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 3fb856882cd87a671903d75d594f2fb840abbb70a196395fa2197cbadb03149e Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-akamai-request-id 1eb9b15a date Sun, 28 Jan 2024 10:30:27 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202401252008486664CB3D3A77D36D5204 x-tt-trace-id 00-2401252008486664CB3D3A77D36D5204-21124434B1998D91-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 016229f81049823936d3cb85cce8bcbe9b3121cdfbf847eba3c86cf6a93d2792f5dc203aa8367c77e73b689827d4d567afd59aa07d1e4f26e117fc92b4ad310eb9e7e1992329d1d903f715ec667b2b51eb1e5f75a056cccc88179eae40e6505f2c server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3 content-length 104107
GET H2	200	identify_0a875.js Show response analytics.tiktok.com/i18n/pixel/static/	137 KB 37 KB	18ms 18ms	Script application/javascript	104.126.37.147 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-147.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df Request headers accept-language de-DE,de;q=0.9 Referer https://d2p1qyxxogka01.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Response headers x-akamai-request-id 1eb9b33a date Sun, 28 Jan 2024 10:30:27 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202401231515446A5F9594963C1C97A7E4 x-tt-trace-id 00-2401231515446A5F9594963C1C97A7E4-6E9507D48E434750-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01df44dae11d3c200464c328a8af956f9110aadf24e1a9456eced2c49e1ba927580babd73faf3270bc93758032b9846a20f242bbad2e131ad8eec0db9ab4d3f30f59739437f9df094ba4f22abfd68eaf2b40444fa623d2eddffc045239171bf331 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3 content-length 37074
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 847 B	177ms 177ms	Ping text/plain	104.126.37.147 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-147.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://d2p1qyxxogka01.cloudfront.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 1738f3dd.1eb9b3ee date Sun, 28 Jan 2024 10:30:28 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2401281030280C9014CD91121AC976B2-7AFEA851040396AF-00 x-cache TCP_MISS from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-) x-parent-response-time 138,104.126.37.143 server-timing cdn-cache; desc=MISS, edge; dur=111, origin; dur=41, inner; dur=39 content-length 0 pragma no-cache server nginx x-tt-logid 202401281030280C9014CD91121AC976B2 x-cache-remote TCP_MISS from a23-220-105-199.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 42,23.220.105.199 x-tt-trace-host 01f6be43465a12ed6f674215fbfc8fb5f0160f890ba6e0657354566b6c4cc2a21359fe21786ee78bcdd2b7e464485122a79d68d48df83ab68eb87f9d13ddc4179a41d9b7d93e2755ed02fd3a793eb8a68630426674ade733dd9f972214445d80ebddd843bd0a7930d0e48a8ef3194d6e7e access-control-allow-headers Authorization,* expires Sun, 28 Jan 2024 10:30:28 GMT
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 849 B	252ms 252ms	Ping text/plain	104.126.37.147 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-147.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://d2p1qyxxogka01.cloudfront.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.29 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 4ebb98f2.1eb9b9f8 date Sun, 28 Jan 2024 10:30:28 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240128103028E628FA6B1735701A49B0-3FF848BAD9E886B6-00 x-cache TCP_MISS from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-) x-parent-response-time 170,104.126.37.143 server-timing cdn-cache; desc=MISS, edge; dur=178, origin; dur=20, inner; dur=16 content-length 0 pragma no-cache server nginx x-tt-logid 20240128103028E628FA6B1735701A49B0 x-cache-remote TCP_MISS from a184-28-17-144.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 20,184.28.17.144 x-tt-trace-host 01f6be43465a12ed6f674215fbfc8fb5f0160f890ba6e0657354566b6c4cc2a213ec7b319692c71f22285b6600ef85c60d88680a39934680b5266a320747262383f8239223e484ef700957071aceceecc7f1e15e1c9b5b83ff671177f7c98b9301d2a2e48426fe86477964d62947343b75 access-control-allow-headers Authorization,* expires Sun, 28 Jan 2024 10:30:28 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www

URL

https://www/gpr?data=

Domain

www

URL

https://www/gpr?data=