www.herinteractive.com Open in urlscan Pro
104.196.213.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.herinteractive.com/
Effective URL:
https://www.herinteractive.com/
Submission: On March 03 via api (March 3rd 2024, 4:34:02 am UTC) from US — Scanned from DE

Summary HTTP 118 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 36 IPs in 3 countries across 24 domains to perform 118 HTTP transactions. The main IP is 104.196.213.160, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.herinteractive.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 16th 2023. Valid for: a year.

This is the only time www.herinteractive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 37	104.196.213.160 104.196.213.160	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	13.225.83.200 13.225.83.200	16509 (AMAZON-02) (AMAZON-02)
1 6	2606:4700:10:... 2606:4700:10::6816:4ad6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:710... 2a02:26f0:7100::213:c6fa	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.83.166.186 54.83.166.186	14618 (AMAZON-AES) (AMAZON-AES)
1	35.170.87.152 35.170.87.152	14618 (AMAZON-AES) (AMAZON-AES)
118	36

37 104.196.213.160 (North Charleston, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.213.196.104.bc.googleusercontent.com

www.herinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

pub.searchiq.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.searchiq.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.searchiq.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.83.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:4ad6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bugherd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sidebar.bugherd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c5ee46694b24af8675fc2b12dcf50fab.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

static.searchiq.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.searchiq.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:7100::213:c6fa (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.socialannex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.83.166.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-166-186.compute-1.amazonaws.com

s4.socialannex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.170.87.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-87-152.compute-1.amazonaws.com

c1.socialannex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	herinteractive.com 1 redirects www.herinteractive.com	13 MB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 ajax.googleapis.com — Cisco Umbrella Rank: 368 jnn-pa.googleapis.com — Cisco Umbrella Rank: 218	142 KB
8	googlesyndication.com c5ee46694b24af8675fc2b12dcf50fab.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	43 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 66	1009 KB
8	searchiq.co pub.searchiq.co — Cisco Umbrella Rank: 59128 api.searchiq.co — Cisco Umbrella Rank: 59126 static.searchiq.co — Cisco Umbrella Rank: 58455	45 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	91 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 static.doubleclick.net — Cisco Umbrella Rank: 259	137 KB
6	bugherd.com 1 redirects www.bugherd.com — Cisco Umbrella Rank: 20306 sidebar.bugherd.com — Cisco Umbrella Rank: 21509	22 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	21 KB
4	socialannex.com cdn.socialannex.com — Cisco Umbrella Rank: 149688 c1.socialannex.com — Cisco Umbrella Rank: 590609	8 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	259 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2656 www.google.com — Cisco Umbrella Rank: 2	21 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	72 KB
2	socialannex.net s4.socialannex.net	4 KB
2	adsrvr.org 1 redirects insight.adsrvr.org — Cisco Umbrella Rank: 625	236 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1141 netdna.bootstrapcdn.com — Cisco Umbrella Rank: 2926	25 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	7 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	30 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6744	409 B
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	656 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124	20 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 316	28 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	97 KB
118	24

	Domain	Requested by
37	www.herinteractive.com	1 redirects www.herinteractive.com
8	www.youtube.com	www.herinteractive.com www.youtube.com
5	static.searchiq.co	www.herinteractive.com pub.searchiq.co static.searchiq.co
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
5	sidebar.bugherd.com	www.herinteractive.com www.bugherd.com sidebar.bugherd.com
5	cdn.jsdelivr.net	www.herinteractive.com cdn.jsdelivr.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	jnn-pa.googleapis.com	www.youtube.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	cdn.socialannex.com	www.herinteractive.com cdn.socialannex.com
3	www.facebook.com	www.herinteractive.com
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com
3	connect.facebook.net	www.herinteractive.com connect.facebook.net
3	ajax.googleapis.com	www.herinteractive.com
2	s4.socialannex.net	cdn.socialannex.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	www.google.com	www.youtube.com tpc.googlesyndication.com
2	api.searchiq.co	pub.searchiq.co static.searchiq.co
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	fonts.googleapis.com	www.herinteractive.com
1	c1.socialannex.com	s4.socialannex.net
1	netdna.bootstrapcdn.com	s4.socialannex.net
1	cdnjs.cloudflare.com	cdn.socialannex.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	c5ee46694b24af8675fc2b12dcf50fab.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	www.herinteractive.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.bugherd.com	1 redirects
1	d1eoo1tco6rr5e.cloudfront.net	www.herinteractive.com
1	pub.searchiq.co	www.herinteractive.com
1	maxcdn.bootstrapcdn.com	www.herinteractive.com
1	www.googleadservices.com	www.herinteractive.com
1	www.googletagservices.com	www.herinteractive.com
1	www.googletagmanager.com	www.herinteractive.com
118	38

This site contains links to these domains. Also see Links.

Domain
store.digitalriver.com
teespring.com
community.herinteractive.com
herinteractive.creator-spring.com
visitor.r20.constantcontact.com
instagram.com
www.facebook.com
twitter.com
www.youtube.com
www.pinterest.com

Subject Issuer	Validity	Valid
herinteractive.com Go Daddy Secure Certificate Authority - G2	`2023-02-16` - `2024-03-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
searchiq.co E1	`2024-03-03` - `2024-06-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
bugherd.com GTS CA 1P5	`2024-02-05` - `2024-05-05`	3 months	crt.sh
*.socialannex.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-09-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.socialannex.net Amazon RSA 2048 M01	`2023-07-19` - `2024-08-16`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.herinteractive.com/
Frame ID: BEE42641ED52FCA0A304ED0D27C644BA
Requests: 82 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/d2jdiln/od0ojfo/iframe
Frame ID: ABEAC4DCDFC67364FF89F621649B7480
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ucQKXq92tzM
Frame ID: 4A6D853503797863E9370EE505A2ADE7
Requests: 20 HTTP requests in this frame

Frame: https://c5ee46694b24af8675fc2b12dcf50fab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CDC8280F93532DFCEF8A65616E5D48F9
Requests: 1 HTTP requests in this frame

Frame: https://sidebar.bugherd.com/sidebar/embed_html?apikey=a6xbv9u1dqakfy2mr1xlyq
Frame ID: 3ACFCF515FF9460C87A08150350004B0
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1CE86BE35FDF625ADCCE5C7CAA04E7A2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 82EDC1C96C7DBAE07B88FC65F52461BD
Requests: 2 HTTP requests in this frame

Frame: https://s4.socialannex.net/v2/service/s4_main_iframe.php?siteid=9911061&saopen=null&src_pageurl=https%3A%2F%2Fwww.herinteractive.com%2F&incid=1&prodesc=The%20official%20site%20for%20Nancy%20Drew%20Games.%20Get%20adventure%20and%20mystery%20games%20for%20girls%20of%20all%20ages.&prodimg=%2F%2Fcdn.socialannex.com%2Fcustom_images%2F9911061%2FN6VJVD_logo2.png&prodtitle=Check%20out%20Nancy%20Drew%20Games%20and%20save%2020%25%20Off%20by%20Her%20Interactive&loyaltyUserId=null
Frame ID: 0B552955BEBAE8D99C5C8368D67426A8
Requests: 2 HTTP requests in this frame

Frame: https://c1.socialannex.com/c-incentive-cookie.php?site_id=9911061&incentive_id=1&random=3828
Frame ID: 23642447F5FB44BD8903351E50E8687F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nancy Drew Interactive Games | Her Interactive

Page URL History Show full URLs

http://www.herinteractive.com/ HTTP 301
https://www.herinteractive.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

118
Requests

98 %
HTTPS

83 %
IPv6

24
Domains

38
Subdomains

36
IPs

3
Countries

15227 kB
Transfer

20122 kB
Size

12
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://store.digitalriver.com/DRHM/store?Action=DisplayEditProfilePage&SiteID=herinter&Locale=en_US&Env=BASE
Title: Login

Search URL Search Domain Scan URL

URL: https://store.digitalriver.com/DRHM/store?Action=DisplayHelpPage&SiteID=herinter&Locale=en_US&ThemeID=26250100&Env=BASE
Title: Logout

Search URL Search Domain Scan URL

URL: https://store.digitalriver.com/store/herinter/cart
Title: View Cart

Search URL Search Domain Scan URL

URL: https://teespring.com/stores/herinteractive
Title: Merchandise on Teespring

Search URL Search Domain Scan URL

URL: http://community.herinteractive.com/
Title: Message Boards

Search URL Search Domain Scan URL

URL: https://store.digitalriver.com/DRHM/store?Action=DisplayEditProfilePage&SiteID=herinter&Locale=en_US&Env=BASE&resid=VjvvawoydBAAAIXWEUsAAADF&rests=1446773965357
Title: Log In

Search URL Search Domain Scan URL

URL: https://herinteractive.creator-spring.com/
Title: View Store

Search URL Search Domain Scan URL

URL: https://visitor.r20.constantcontact.com/manage/optin?v=001_vy7Mr9Zh8zR0-VzBOuNtGMsMMd8MmeSty1aXf9-Fmy4IHKso9-kLg%3D%3D
Title: Sign Up Now

Search URL Search Domain Scan URL

URL: http://visitor.r20.constantcontact.com/d.jsp?llr=ej7uubcab&p=oi&m=1101714321700&sit=vvl95zncb
Title: Get Newsletter

Search URL Search Domain Scan URL

URL: https://instagram.com/nancydrewpcgames/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NancyDrewPCGames?ref=nf

Search URL Search Domain Scan URL

URL: https://twitter.com/HerInteractive

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/HerInteractiveGames

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/nancydrewgames/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.herinteractive.com/ HTTP 301
https://www.herinteractive.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://insight.adsrvr.org/tags/d2jdiln/od0ojfo/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/d2jdiln/od0ojfo/iframe

Request Chain 32

https://www.bugherd.com/sidebarv2.js?apikey=a6xbv9u1dqakfy2mr1xlyq HTTP 302
https://sidebar.bugherd.com/embed.js?apikey=a6xbv9u1dqakfy2mr1xlyq

Request Chain 75

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

118 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.herinteractive.com/
Redirect Chain

http://www.herinteractive.com/
https://www.herinteractive.com/

86 KB
17 KB

450ms
211ms

Document
text/html

104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: cfe3d24f588584efd9268e09362fafb4365c90fab9e685a1a79d07b150adbf99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Fri, 01 Mar 2024 20:12:37 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 5
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 03 Mar 2024 04:33:55 GMT
Keep-Alive: timeout=20
Location: https://www.herinteractive.com/
Server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 19 KB
1 KB 41ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fce142aecdaf2c7c5f1ca34d5372a09cd7c2c644f94d7c0562745c6937faed98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Mar 2024 04:33:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Mar 2024 04:33:56 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
979 B 37ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald&display=swap

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bddb1d00c98a3623bd08ecdd521a4324328b4fd5d3700b6ddd1f0f66d6ebeb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Mar 2024 04:01:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Mar 2024 04:33:56 GMT

GET
H2 200 style.css
www.herinteractive.com/wp-content/themes/herinteractive/ 52 KB
12 KB 118ms
115ms Stylesheet
text/css 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-content/themes/herinteractive/style.css
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9cccd4d3bb1424c0ce0322a6ef3602537e70dd9eb50dd540764a518c7a2eed7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Mon, 15 Feb 2021 22:23:09 GMT
server: nginx
etag: W/"602af44d-d16f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:17:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 12:17:17 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/ 223 KB
60 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:54:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61441
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:54:56 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/themes/smoothness/ 31 KB
6 KB 29ms
7ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/themes/smoothness/jquery-ui.css

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bba92f99f2514add495efe994a74f8602180e17ff646d9d4260f3bc8302f043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6001
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:16:22 GMT

GET
H2 200 bpti0.js Show response
www.herinteractive.com/wp-content/cache/wpfc-minified/1ropjrez/ 31 KB
12 KB 221ms
219ms Script
application/javascript 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-content/cache/wpfc-minified/1ropjrez/bpti0.js
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: b6768247b46c239d6c68adb931488d0c31dca808e63bdb45e4f228610a92f685

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Thu, 10 Aug 2023 01:15:08 GMT
server: nginx
etag: W/"64d43a1c-7d04"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bptwd.css
www.herinteractive.com/wp-content/cache/wpfc-minified/d3e6yqx/ 401 KB
49 KB 214ms
212ms Stylesheet
text/css 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-content/cache/wpfc-minified/d3e6yqx/bptwd.css
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ec0aba00242980737b1aa3b813009140651a3320f52832b6a2c5a5733f535411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Thu, 10 Aug 2023 01:17:45 GMT
server: nginx
etag: W/"64d43ab9-6447c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bpvd0.css
www.herinteractive.com/wp-content/cache/wpfc-minified/f1qvjsem/ 304 KB
40 KB 220ms
219ms Stylesheet
text/css 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-content/cache/wpfc-minified/f1qvjsem/bpvd0.css
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd4750a7638750ac9bee99263d3961fe8753f916ff9a175fc9c69599579485b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Thu, 10 Aug 2023 01:25:10 GMT
server: nginx
etag: W/"64d43c76-4c060"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bpti0.js Show response
www.herinteractive.com/wp-content/cache/wpfc-minified/9knih7jl/ 102 KB
36 KB 221ms
220ms Script
application/javascript 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-content/cache/wpfc-minified/9knih7jl/bpti0.js
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 891fe6e4ce6838ae786178ab94dd0debfd66a786d62a28a67a5da0ab313cc8dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Thu, 10 Aug 2023 01:15:08 GMT
server: nginx
etag: W/"64d43a1c-19786"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bpti0.js Show response
www.herinteractive.com/wp-content/cache/wpfc-minified/8a96hbe1/ 61 KB
20 KB 221ms
220ms Script
application/javascript 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-content/cache/wpfc-minified/8a96hbe1/bpti0.js
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6d23edf6e480d0bf0e24c6d333c8c52363e26d07b543c7be972c34c7a170da7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Thu, 10 Aug 2023 01:15:08 GMT
server: nginx
etag: W/"64d43a1c-f4c2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bpvd0.js Show response
www.herinteractive.com/wp-content/cache/wpfc-minified/1brctii8/ 27 KB
6 KB 221ms
220ms Script
application/javascript 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-content/cache/wpfc-minified/1brctii8/bpvd0.js
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8ae38d44627202218c2501ed8c9950eca6e2d9df86e944d5fe71754edfb8fd72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Thu, 10 Aug 2023 01:25:10 GMT
server: nginx
etag: W/"64d43c76-6cc0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bpti0.css
www.herinteractive.com/wp-content/cache/wpfc-minified/2nftd2km/ 56 KB
8 KB 220ms
219ms Stylesheet
text/css 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-content/cache/wpfc-minified/2nftd2km/bpti0.css
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 71e1bc3730bedb6244c94ed7fbe0679593231e56fab68cb639d2bec476dc3ebd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Thu, 10 Aug 2023 01:15:08 GMT
server: nginx
etag: W/"64d43a1c-de4a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
97 KB 45ms
24ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-66B4NH7G1X

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e07323f3afec4d23951d1567cb63c88945d6a408c9baa0cffd446c14559ec1f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99085
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Mar 2024 04:33:56 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 88 KB
28 KB 62ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

831e8ccba89b7f1dea3f581481146510e530f49fce2279bad55feae8aea42c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28605
x-xss-protection: 0
server: cafe
etag: 566 / 19785 / m202402220101 / config-hash: 7305879754805612343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 04:33:56 GMT

GET
H2 200 logoDesktop.png
www.herinteractive.com/wp-content/themes/herinteractive/images/ 17 KB
17 KB 110ms
109ms Image
image/png 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/themes/herinteractive/images/logoDesktop.png
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 847661d6ea71238999e2218bbf661384d2b38655419818e2bc142314623a6131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Sat, 30 Jan 2021 02:11:01 GMT
server: nginx
etag: "6014c035-43d3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17363

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
1 KB 30ms
14ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8044521
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230127-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXRyvaunnIgtqkaHy%2BEvnqwVOAKy74f%2FoEDzuvN9qX4aToyAXioKgfSZRU61NE6v9p6Vjq1WN0ORHk1PlnVSiAtgc%2Bcw2Swgu943E1VJg6XWZkuwW1gWd6qKju4WojnQOguY3VRkObTeC5xkFi4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 85e6e946eff51a49-FRA

GET
H2 200 slick-theme.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 3 KB
1 KB 14ms
13ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9774127
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230020-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuKMcRwU6zww%2FeC0Ft%2Buyz5ynifQa2ZCX8JpPDoT05%2BfjK7np5K9X%2BCOA3pMxhKKHIL9q%2BfzZdWQXiN8GAsOH49lH%2B1wkYhKEjT9xw16ew2txJ0t5BH7Svby7mI%2FNil6zcOeOHRO%2B9b00FZjFfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 85e6e946f8031a49-FRA

GET
H2 200 grayscale.js Show response
www.herinteractive.com/wp-content/themes/herinteractive/js/ 4 KB
2 KB 132ms
131ms Script
application/javascript 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-content/themes/herinteractive/js/grayscale.js
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 64ac7fb7a606a3e8d25ab8de446debcb97441c10258e7c654516e0f08b7d01fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Sat, 30 Jan 2021 02:11:01 GMT
server: nginx
etag: W/"6014c035-10f9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 functions.js Show response
www.herinteractive.com/wp-content/themes/herinteractive/js/ 4 KB
2 KB 175ms
175ms Script
application/javascript 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-content/themes/herinteractive/js/functions.js
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 29d3fd1cef3a77ae809f0ab0ed74bdc2c4f604809fef572f5c1215507321d652

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Sat, 30 Jan 2021 02:11:01 GMT
server: nginx
etag: W/"6014c035-1183"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 52 KB
20 KB 44ms
18ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

81dc8d8e9a84f2311c4e14be1ca8bdefe710b75b1ae4a36b806ae27a9098b9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19732
x-xss-protection: 0
server: cafe
etag: 14237121441153152300
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 04:33:56 GMT

GET
H2 200 index.js Show response
www.herinteractive.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 161ms
161ms Script
application/javascript 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Thu, 10 Aug 2023 01:14:47 GMT
server: nginx
etag: W/"64d43a07-2a12"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 index.js Show response
www.herinteractive.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 109ms
108ms Script
application/javascript 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Thu, 10 Aug 2023 01:14:47 GMT
server: nginx
etag: W/"64d43a07-328f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 core.min.js Show response
www.herinteractive.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 126ms
125ms Script
application/javascript 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Thu, 02 Feb 2023 16:36:32 GMT
server: nginx
etag: W/"63dbe690-53be"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 accordion.min.js Show response
www.herinteractive.com/wp-includes/js/jquery/ui/ 9 KB
3 KB 113ms
111ms Script
application/javascript 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3b0a04f5aa3291e26f44613add53e1bbd56a09147f6a0b390dc4c3369dd1731d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Thu, 02 Feb 2023 16:36:32 GMT
server: nginx
etag: W/"63dbe690-226e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 tabs.min.js Show response
www.herinteractive.com/wp-includes/js/jquery/ui/ 12 KB
4 KB 114ms
112ms Script
application/javascript 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Mon, 19 Sep 2022 18:04:09 GMT
server: nginx
etag: W/"6328af19-2ea1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 squelch-tabs-and-accordions.js Show response
www.herinteractive.com/wp-content/plugins/squelch-tabs-and-accordions-shortcodes/js/ 35 KB
8 KB 115ms
113ms Script
application/javascript 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-content/plugins/squelch-tabs-and-accordions-shortcodes/js/squelch-tabs-and-accordions.js?ver=0.4.3
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 768b2c41b5b1af4878b6607d3b0f17e650350ecba202e426e2c1dd881d049331

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
last-modified: Thu, 20 Apr 2023 00:10:03 GMT
server: nginx
etag: W/"644082db-8af3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H3 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 16ms
15ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2555924
x-jsd-version: 1.8.1
content-encoding: br
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230096-FRA, cache-lga21934-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWGfS0nFMWJWDNcZcXJXMdhCl6WvRqq6SKj0yZnzH4yWPlkMiRh06gngRaelKjWDO%2BtIA8Ll2HlKDX5%2FqinXYUvLhqIzBj7xT2l718Y6He7bibpzZYgLo7%2FsJn1aRfksB47WDmsYX9R0tt3XDQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 85e6e9490eb44d85-FRA

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 42ms
24ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/wp-content/themes/herinteractive/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 8202378
cdn-cachedat: 10/31/2023 18:48:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 85e6e947be4c3aa2-FRA
cdn-requestpullsuccess: True

GET
H2 200 siq-container-2.js Show response
pub.searchiq.co/js/container/ 10 KB
5 KB 296ms
95ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.searchiq.co/js/container/siq-container-2.js?cb=953317&engineKey=d58156ce7e6434cb653f2ae3162f41d4
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbbe4e8229134375fb2b3d9609c4256f4f1ab52bdbbbf3f4393d041643c87306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Mar 2024 22:40:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1454
etag: W/"efd27a64336787b61deabcb2afbe03be-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPS6K1pK0ew8%2FE2wNskLPBfI1aGPh2boyt5F%2FwmnYNlhGgKQjngQx2JYDJcPZcawL34VUAlO0C3pYY%2B9j%2B%2F5KRGq%2FgMktwsgilnh8uRwLsFjwiNZjHWjg%2Ff0R3Va1kmBzJ4YdABUoP8X0fgVoAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=5266800
cf-ray: 85e6e94a8d4b4331-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 1 May 2024 23:08:28 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 22ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 03 Mar 2024 04:33:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: So25ZSi7NNOzX0czn+judYZLrd0L4rBijVXrMPY7nf5alL5j/zEomUu9ugEa+vpIEiRIg33VGMRhjLsCsLuleA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/d2jdiln/od0ojfo/ Frame ABEA
Redirect Chain

https://insight.adsrvr.org/tags/d2jdiln/od0ojfo/iframe
https://d1eoo1tco6rr5e.cloudfront.net/d2jdiln/od0ojfo/iframe

133 B
656 B

42ms
11ms

Document
text/html

13.225.83.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/d2jdiln/od0ojfo/iframe
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-200.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bafee7ddcef9537322bf5a84d234eee48b357cf612d7916747bf6962618cd65b

Request headers

Referer: https://www.herinteractive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 2180
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 133
Content-Type: text/html
Date: Sun, 03 Mar 2024 04:33:56 GMT
ETag: "2dc5ef6f627a7764cf078f6c52425a32"
Last-Modified: Fri, 01 Oct 2021 23:59:29 GMT
Server: AmazonS3
Via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
X-Amz-Cf-Id: IhiPl9emuMxxdBHFAtUl20WS0DW9gHT6psDzZavEpPpR-AjzMIm0Tg==
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Sun, 03 Mar 2024 04:33:56 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/d2jdiln/od0ojfo/iframe

GET
H2

200

embed.js Show response
sidebar.bugherd.com/
Redirect Chain

https://www.bugherd.com/sidebarv2.js?apikey=a6xbv9u1dqakfy2mr1xlyq
https://sidebar.bugherd.com/embed.js?apikey=a6xbv9u1dqakfy2mr1xlyq

18 KB
7 KB

322ms
306ms

Script
text/javascript

2606:4700:10::6816:4ad6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sidebar.bugherd.com/embed.js?apikey=a6xbv9u1dqakfy2mr1xlyq

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Server

2606:4700:10::6816:4ad6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

013418a7deb316b1d13ecf61cbe4e66cca71a89bcffa6a484d04c535ecd65c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 vegur
p3p: CP="NOI ADM DEV COM NAV OUR STP"
content-length: 6351
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709440436&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=185Ri0gkmbgFzLBFFCBKGgqwNm6YNNotbCt2A6PHm4M%3D
x-request-id: c906a435-a2b4-48fb-971a-97acb3bdbeca
x-runtime: 0.002811
referrer-policy: origin
server: cloudflare
etag: W/"8dd85fd60421354268ef7d9bed86108e"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709440436&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=185Ri0gkmbgFzLBFFCBKGgqwNm6YNNotbCt2A6PHm4M%3D"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: http://sidebar.bugherd.com
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
cache-control: public, max-age=14400
access-control-allow-credentials: true
access-control-max-age: 1728000
accept-ranges: bytes
cf-ray: 85e6e9497ec719ad-FRA
access-control-allow-headers: x-csrf-token, Content-Type, X-Pusher-Socket-ID
vary: Accept-Encoding

Redirect headers

location: https://sidebar.bugherd.com/embed.js?apikey=a6xbv9u1dqakfy2mr1xlyq
date: Sun, 03 Mar 2024 04:33:56 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 85e6e9493ea619ad-FRA
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1020191389/ 43 B
573 B 38ms
18ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1020191389/?random=1709440436643&cv=9&fst=1709440436643&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.herinteractive.com%2F&tiba=Nancy%20Drew%20Interactive%20Games%20%7C%20Her%20Interactive&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Rotator-NewNancyDrewMystery-01.png
www.herinteractive.com/wp-content/uploads/ 2 MB
2 MB 217ms
214ms Image
image/png 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/uploads/Rotator-NewNancyDrewMystery-01.png
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: de339f2baa0904241f06c185f1479cb087aa5f393abf82f0f365ead91e62ad82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Tue, 18 Apr 2023 23:54:47 GMT
server: nginx
etag: "643f2dc7-22c3b0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2278320

GET
H2 200 Rotator-Card-Contest-Winners-2024.png
www.herinteractive.com/wp-content/uploads/ 2 MB
2 MB 216ms
213ms Image
image/png 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/uploads/Rotator-Card-Contest-Winners-2024.png
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5f960119fff15c0089fb30e4460c7caad6768e92bef65d85c947b0272d9a4b15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Wed, 21 Feb 2024 21:32:45 GMT
server: nginx
etag: "65d66bfd-1dfdcb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1965515

GET
H2 200 02_MeiParry-ofw.jpg
www.herinteractive.com/wp-content/uploads/ 354 KB
355 KB 217ms
214ms Image
image/jpeg 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/uploads/02_MeiParry-ofw.jpg
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: d1ec4c01363d109580e510c867af94e36d2a9f3a3bfd39db288ee0dbd495f47a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Thu, 02 Dec 2021 19:23:06 GMT
server: nginx
etag: "61a91d1a-588bd"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 362685

GET
H2 200 Rotator-Merch-Banner-2023-G34-May.png
www.herinteractive.com/wp-content/uploads/ 3 MB
3 MB 216ms
213ms Image
image/png 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/uploads/Rotator-Merch-Banner-2023-G34-May.png
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 22190435a81c75d7b83ea0b778066adcf3d1f931a128c03651aff7438e1f1b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Wed, 17 May 2023 02:12:34 GMT
server: nginx
etag: "64643812-3779f0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3635696

GET
H2 200 Rotator-Newsletter.png
www.herinteractive.com/wp-content/uploads/ 665 KB
666 KB 217ms
214ms Image
image/png 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/uploads/Rotator-Newsletter.png
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9240d777eb64cf49623a4b94120b9939e9a60348996672d112b8a3e0492bd0e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Sat, 12 Mar 2022 22:52:07 GMT
server: nginx
etag: "622d2417-a639b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 680859

GET
H2 200 Rotator-Learn-Play-Worksheet.png
www.herinteractive.com/wp-content/uploads/ 2 MB
2 MB 217ms
214ms Image
image/png 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/uploads/Rotator-Learn-Play-Worksheet.png
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: a5fbb43cd31f069d139ccc116ea800c029aabe50fde05fecdcbe0028f7e51aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Fri, 18 Mar 2022 01:06:57 GMT
server: nginx
etag: "6233db31-1ee9f7"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2025975

GET
H2 200 macOS-Compatibility-Rotator-2021-Dec-1.png
www.herinteractive.com/wp-content/uploads/ 1 MB
1 MB 217ms
215ms Image
image/png 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/uploads/macOS-Compatibility-Rotator-2021-Dec-1.png
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4a8a6c5d689ab55a02434c2e9080966aef03ce20cb30b70c7b367effd48ea933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Tue, 21 Dec 2021 01:44:55 GMT
server: nginx
etag: "61c13197-13c241"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1294913

GET
H2 200 Website-Icon-White-Mystery.png
www.herinteractive.com/wp-content/uploads/ 57 KB
57 KB 217ms
215ms Image
image/png 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/uploads/Website-Icon-White-Mystery.png
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f8dc912fbe7d998c8aad64c54c6963e09c495d9967b3a88785e01778f7a97ad3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Mon, 03 Apr 2023 19:58:48 GMT
server: nginx
etag: "642b2ff8-e4cf"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 58575

GET
H2 200 Website-Icon-White-Detective.png
www.herinteractive.com/wp-content/uploads/ 34 KB
34 KB 217ms
215ms Image
image/png 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/uploads/Website-Icon-White-Detective.png
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: fed9d2aeccc177d96557ee36e5ec7375b10e9009dfff27fc53b9ed8203dbe234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Mon, 03 Apr 2023 19:58:50 GMT
server: nginx
etag: "642b2ffa-888e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 34958

GET
H2 200 Website-Icon-White-Scary.png
www.herinteractive.com/wp-content/uploads/ 35 KB
35 KB 197ms
194ms Image
image/png 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/uploads/Website-Icon-White-Scary.png
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7ba93c5f64511538593335e5d61ceb85ad22381bc809ca85908db07322060585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Mon, 03 Apr 2023 19:58:49 GMT
server: nginx
etag: "642b2ff9-8bfb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 35835

GET
H2 200 Website-Icon-White-Email-Newsletter.png
www.herinteractive.com/wp-content/uploads/ 18 KB
19 KB 117ms
115ms Image
image/png 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/uploads/Website-Icon-White-Email-Newsletter.png
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 32218f6f5efc02567e553c2216ea08109419d85617a9a07df85dee52a23ada76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Mon, 03 Apr 2023 19:58:46 GMT
server: nginx
etag: "642b2ff6-49b7"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 18871

GET
H2 200 games-slider.jpg
www.herinteractive.com/wp-content/uploads/ 294 KB
295 KB 118ms
116ms Image
image/jpeg 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/uploads/games-slider.jpg
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 836881a5f8484865d73254c7707b85ba49cc7affc9081c69c40e70f7c327f704

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Tue, 09 Feb 2021 16:24:28 GMT
server: nginx
etag: "6022b73c-49848"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 301128

GET
H2 200 pasted-image-0-9-ofw.jpg
www.herinteractive.com/wp-content/uploads/ 110 KB
110 KB 114ms
112ms Image
image/jpeg 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/uploads/pasted-image-0-9-ofw.jpg
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6eef94142717dc0a43112a95f3af7c29e300d217ad4d66de615ca50ac581c8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Thu, 02 Dec 2021 19:23:03 GMT
server: nginx
etag: "61a91d17-1b63f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 112191

GET
H2 200 LIE_Screen_Exhibit-e1614106420268-ofw.jpg
www.herinteractive.com/wp-content/uploads/ 209 KB
210 KB 217ms
215ms Image
image/jpeg 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/uploads/LIE_Screen_Exhibit-e1614106420268-ofw.jpg
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f1c93ff4bccf15c84d98bf8d39050ea09caa29bd718b79d30f1548f8cd999a8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Thu, 02 Dec 2021 19:23:04 GMT
server: nginx
etag: "61a91d18-34533"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 214323

GET
H2 200 pasted-image-0-7-1-e1610134759489.png
www.herinteractive.com/wp-content/uploads/ 341 KB
341 KB 217ms
215ms Image
image/png 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herinteractive.com/wp-content/uploads/pasted-image-0-7-1-e1610134759489.png
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6bb23a6c1a51b26c290ef80dcd9c4af0147e1eade6645e32bd0bb8010451bcdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Tue, 09 Feb 2021 16:32:43 GMT
server: nginx
etag: "6022b92b-5532e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 348974

GET
H2 200 SIQ_icomoon.ttf
www.herinteractive.com/wp-content/plugins/searchiq/assets/4.1/fonts/ 1 KB
1 KB 215ms
214ms Font
application/octet-stream 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-content/plugins/searchiq/assets/4.1/fonts/SIQ_icomoon.ttf?o72w6t
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/wp-content/cache/wpfc-minified/f1qvjsem/bpvd0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: cbd5998fc0b95415f437f9356658afab3147f831dd0793969e27b9840f7253e1

Request headers

Referer: https://www.herinteractive.com/wp-content/cache/wpfc-minified/f1qvjsem/bpvd0.css
Origin: https://www.herinteractive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Thu, 20 Apr 2023 00:10:02 GMT
server: nginx
etag: "644082da-4dc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1244

GET
H2 200 fontawesome-webfont.woff2
www.herinteractive.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/ 75 KB
76 KB 215ms
214ms Font
font/woff2 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herinteractive.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/wp-content/cache/wpfc-minified/f1qvjsem/bpvd0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 160.213.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.herinteractive.com/wp-content/cache/wpfc-minified/f1qvjsem/bpvd0.css
Origin: https://www.herinteractive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
last-modified: Thu, 10 Aug 2023 01:14:49 GMT
server: nginx
etag: "64d43a09-12d68"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 77160

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 12 KB
12 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.herinteractive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 07:21:10 GMT
x-content-type-options: nosniff
age: 421966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12276
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:49:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 07:21:10 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.herinteractive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:53:04 GMT
x-content-type-options: nosniff
age: 416452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:53:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 27ms
13ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.herinteractive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 01:17:56 GMT
x-content-type-options: nosniff
age: 443760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 01:17:56 GMT

GET
H2 200 1658163961105744 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 80ms
79ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1658163961105744?v=2.9.148&r=stable&domain=www.herinteractive.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6d1a8930c1bb68a5a98d862f037fc4fc4a5e54112f1c92ba5ed960ce74d60d29

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 03 Mar 2024 04:33:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: l6+ozbAqO4iLsL2q42XaWYqYNnnDO8bM1FvDS6M558LF59XDlPSLBuwJNArZH9Y8wJOfYCm/yzwitqUWCzxP3w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 38ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-66B4NH7G1X&gtm=45je42t1v888408704za220&_p=1709440436637&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=501921739.1709440437&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709440436&sct=1&seg=0&dl=https%3A%2F%2Fwww.herinteractive.com%2F&dt=Nancy%20Drew%20Interactive%20Games%20%7C%20Her%20Interactive&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1129
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-66B4NH7G1X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Mar 2024 04:33:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herinteractive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 62ms
17ms Ping
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-66B4NH7G1X&cid=501921739.1709440437&gtm=45je42t1v888408704za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-66B4NH7G1X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Mar 2024 04:33:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herinteractive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
409 B 41ms
18ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-66B4NH7G1X&cid=501921739.1709440437&gtm=45je42t1v888408704za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=586723842

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Mar 2024 04:33:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/ 428 KB
135 KB 56ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34251
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137662
x-xss-protection: 0
server: cafe
etag: 2919427224111863329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 02 Mar 2025 19:03:05 GMT

GET
H3 200 ajax-loader.gif
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 4 KB
5 KB 15ms
14ms Image
image/gif 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ajax-loader.gif

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10548922
x-jsd-version: 1.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4178
x-served-by: cache-fra-eddf8230042-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1052-ehqkNhQ5Y4K7FeX95XTZzc0haY8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7Op6DrJbMhVSDMPg4IUZxJhLGkcAUqjV9RkySrmAxHB7msXVGkbcxqETK30PS5rHhl0k6o6yjopTumR3SXCmlbcww%2BDxjVlPKO3HH4tXhC1yc0N43P8e88yjHbh1ixgsR%2BOcQ%2F4undxpSWwFpU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85e6e949cf3b4d85-FRA

GET
H3 200 slick.woff
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/fonts/ 1 KB
2 KB 27ms
17ms Font
font/woff 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/fonts/slick.woff

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
Origin: https://www.herinteractive.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8286262
x-jsd-version: 1.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1380
x-served-by: cache-fra-eddf8230054-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"564-r5HBLw9Aak+AGus7OYdo/kHY+GQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HulKv4GP2uVMNKUDsZhX4KUeZaujO%2BLzQ0qBHJlmj94cUTqtFq8fKmVb%2F2WNF5HbT7K82Qr0obyjRK2m3bWJ0O2gP0DKRiH7B%2BrSgnLpx2o%2FaSnPskBmRVMrlj%2F1%2B1yI83KsUxa40vMP8EyLtG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85e6e949e8d2900c-FRA

GET
H2 200 ucQKXq92tzM Show response
www.youtube.com/embed/ Frame 4A6D 90 KB
39 KB 104ms
83ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ucQKXq92tzM

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a8d3ecee24ed2ef6a90d020f73492e00018feae220e58ad9788e2964003d087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herinteractive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Mar 2024 04:33:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame ABEA 70 B
149 B 32ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=d2jdiln&ct=0:od0ojfo&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/d2jdiln/od0ojfo/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
server: Kestrel
content-length: 70
content-type: image/gif

POST
H2 400 admin-ajax.php Show response
www.herinteractive.com/wp-admin/ 1 B
330 B 672ms
671ms XHR
text/html 104.196.213.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herinteractive.com/wp-admin/admin-ajax.php

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/wp-content/cache/wpfc-minified/9knih7jl/bpti0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.196.213.160 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.213.196.104.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.herinteractive.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-powered-by: WP Engine
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.herinteractive.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 22ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1658163961105744&ev=PageView&dl=https%3A%2F%2Fwww.herinteractive.com%2F&rl=&if=false&ts=1709440436814&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709440436813.1210729732&ler=empty&cdl=API_unavailable&it=1709440436688&coo=false&rqm=GET

Requested by

Host: www.herinteractive.com
URL: https://www.herinteractive.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 03 Mar 2024 04:33:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
608 B 120ms
119ms Fetch
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2144164665191683&correlator=1473737469609217&eid=31079956%2C31079525&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fifs&iu_parts=21664375727%2Cdesktop-side%2Cdesktop_left_side&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=240x400%2C240x400&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709440436841&lmt=1709323957&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.herinteractive.com%2F&vis=1&psz=1600x3286%7C1600x3286&msz=240x-1%7C240x-1&fws=128%2C128&ohw=0%2C0&ga_vid=501921739.1709440437&ga_sid=1709440437&ga_hid=74921458&ga_fc=true&dlt=1709440436280&idt=546&adks=75020369%2C3359195211&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

265c682e56e54a7b2799aee27ce9d738064a3cb259462925174e4a9c87116549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.herinteractive.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c5ee46694b24af8675fc2b12dcf50fab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CDC8 6 KB
3 KB 69ms
14ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c5ee46694b24af8675fc2b12dcf50fab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herinteractive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Mar 2024 04:33:56 GMT
expires: Mon, 03 Mar 2025 04:33:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/31eb286a/ Frame 4A6D 366 KB
47 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ucQKXq92tzM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af92e92bdd6eb796c55b3aab8839b33b92fd40828d2a59359c81d979e55c98c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ucQKXq92tzM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 01:35:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47553
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 03 Mar 2025 01:35:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4A6D 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ucQKXq92tzM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:49:09 GMT
x-content-type-options: nosniff
age: 416687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:49:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4A6D 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ucQKXq92tzM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:11:37 GMT
x-content-type-options: nosniff
age: 415339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:11:37 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/ Frame 4A6D 53 KB
17 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ucQKXq92tzM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec50e4861ef5d6b8ea90d3679b6e95ea5b29195e702045b8dcd3750e5ddd36e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ucQKXq92tzM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:24:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 331775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16861
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Feb 2025 08:24:21 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/31eb286a/www-embed-player.vflset/ Frame 4A6D 319 KB
95 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ucQKXq92tzM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17e6c412d2159ad058eea653b9286f8617781dd517dd07b2171d669c8c7075a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ucQKXq92tzM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15082
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97346
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 03 Mar 2025 00:22:34 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/ Frame 4A6D 2 MB
779 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ucQKXq92tzM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cc2ce62ac6120c9603ccf6aa97b996e11b061d0d9361fe5662946bfefaeb8f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ucQKXq92tzM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 331775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 796820
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Feb 2025 08:24:21 GMT

GET
H2 200 settings.js Show response
api.searchiq.co/api/searchEngines/d58156ce7e6434cb653f2ae3162f41d4/ 5 KB
3 KB 186ms
177ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.searchiq.co/api/searchEngines/d58156ce7e6434cb653f2ae3162f41d4/settings.js?callback=SIQ_settings_loaded&cb=188302625587068
Requested by: Host: pub.searchiq.co
URL: https://pub.searchiq.co/js/container/siq-container-2.js?cb=953317&engineKey=d58156ce7e6434cb653f2ae3162f41d4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7f76c08696341125a7f2f7c11e56ca762e67fc3afd64b02d820128c8e13867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfwU2FKOJVa8o0UYNcIvwy%2FT%2BLzuHbsExVYaYwy7LOaOSSMgJ%2BbfU2jgi4q9iuL0vy6FHHcttqav5Rxdfbj6IuMF7GEfFWa7BjDLWq2lz2PG89LzW1h6hQX4IXyJzw%2Bod4vZqYgzzvlDTxKap4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store
cf-ray: 85e6e94b3dff4331-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 pxl.gif
static.searchiq.co/t/ 43 B
423 B 192ms
176ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.searchiq.co/t/pxl.gif?engineKey=d58156ce7e6434cb653f2ae3162f41d4&pageUrl=https%3A%2F%2Fwww.herinteractive.com%2F&referrer=&cb=818485448
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
cf-cache-status: MISS
last-modified: Fri, 01 Mar 2024 22:40:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ed2d43a9844d82fc05aa8162dc363200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0wg9aR4AbroGC1B4XYYff%2B2r25FoCt0BE80BOoRAe63zoDvwXgMWWeXHh0pms1CYMkFPpq0BDjh4v4IJBGI3lEWrG%2B7M4DJzFAOMe4vuR7XWIugm8NhCWRGhe968a7Zvz1jFFkPh%2BsvPi6FwcaJhRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=5266800
accept-ranges: bytes
cf-ray: 85e6e94b3e074331-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Fri, 3 May 2024 03:33:57 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4A6D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

14ms
14ms

XHR
application/json

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ucQKXq92tzM

Protocol

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cdde88da8a69e112c037d4faedb4369f63d0b32b015aeb8a29ca603563a1910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Mar 2024 04:33:57 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4A6D 29 B
494 B 27ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:41 GMT
x-content-type-options: nosniff
age: 16
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Mar 2024 04:48:41 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 38ms
17ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 03 Mar 2024 04:33:57 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4A6D 86 KB
40 KB 26ms
25ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02a1d8f91170832badcc90c589f0b716202172c57421404103c2e4adcaea4601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40827
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/ Frame 4A6D 118 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bb8e37f2f56e3c68f63f044471b5d20a00b400b205cba87c0c692c2f770454b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ucQKXq92tzM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 08:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 331748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34023
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Feb 2025 08:24:49 GMT

GET
H2 200 yHiuAayzh7ZXFXvbIOrPkyv85wwmgA2suXoAI6Ktxww.js Show response
www.google.com/js/th/ Frame 4A6D 50 KB
20 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/yHiuAayzh7ZXFXvbIOrPkyv85wwmgA2suXoAI6Ktxww.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c878ae01acb387b657157bdb20eacf932bfce70c26800dacb97a0023a2adc70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:59:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19795
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 08:59:59 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/ucQKXq92tzM/ Frame 4A6D 30 KB
30 KB 45ms
18ms Image
image/webp 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/ucQKXq92tzM/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ucQKXq92tzM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dd415624ecbba3d9ed1e163260a85a20a375d4b81a01689ee663f21ccde35c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
x-content-type-options: nosniff
server: sffe
etag: "1676702100"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30612
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 03 Mar 2024 06:33:57 GMT

GET
DATA 200
OK truncated
/ Frame 4A6D 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KdfqpM6yZxKi-x-hDztguAmvyh35a5MRjGBEnJxhWinlB5CZAOQk09oZcxEA5jlp0pblsG7V1Q=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 4A6D 3 KB
3 KB 26ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/KdfqpM6yZxKi-x-hDztguAmvyh35a5MRjGBEnJxhWinlB5CZAOQk09oZcxEA5jlp0pblsG7V1Q=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ucQKXq92tzM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2de9899bb34107a4355943c3752b8193992d4f2fbf4579989f04bc72e536aca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:42:02 GMT
x-content-type-options: nosniff
age: 3115
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3079
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 04 Mar 2024 03:42:02 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 03 Mar 2024 04:33:57 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4A6D 90 B
134 B 29ms
29ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59bffddaec5c82345d1a66114541e6ea3b05072f6fced7d66cae6d0309383160

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 embed_html Show response
sidebar.bugherd.com/sidebar/ Frame 3ACF 19 KB
5 KB 303ms
303ms Document
text/html 2606:4700:10::6816:4ad6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sidebar.bugherd.com/sidebar/embed_html?apikey=a6xbv9u1dqakfy2mr1xlyq

Requested by

Host: www.bugherd.com
URL: https://www.bugherd.com/sidebarv2.js?apikey=a6xbv9u1dqakfy2mr1xlyq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4ad6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c446d0e467059aa65a85f3230254a0829472e60c6032068d4c7b073e768aaf3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herinteractive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-csrf-token, Content-Type, X-Pusher-Socket-ID
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: http://sidebar.bugherd.com
access-control-max-age: 1728000
access-control-request-method: *
cache-control: public, max-age=14400
cf-cache-status: EXPIRED
cf-ray: 85e6e94c4ffa19ad-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 03 Mar 2024 04:33:57 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
p3p: CP="NOI ADM DEV COM NAV OUR STP"
referrer-policy: origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709440437&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=cLHE5Dy2JnqfsiVh1A22%2BzY4CK7n1cqAFihKmZ4OkWs%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709440437&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=cLHE5Dy2JnqfsiVh1A22%2BzY4CK7n1cqAFihKmZ4OkWs%3D
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 6e5f69dd-9de9-47f0-b564-8f7ae4b1ec11
x-runtime: 0.003164
x-xss-protection: 1; mode=block

GET
H2 200 sa.js Show response
static.searchiq.co/js/latest/ 6 KB
3 KB 111ms
111ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.searchiq.co/js/latest/sa.js
Requested by: Host: pub.searchiq.co
URL: https://pub.searchiq.co/js/container/siq-container-2.js?cb=953317&engineKey=d58156ce7e6434cb653f2ae3162f41d4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8763b475e37bfac2fe719cee8041ce66deb6dae6802e5ab885ef241073baacfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Feb 2024 21:15:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 289582
etag: W/"3416e4ad839c7095495407b61e5ed05b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BS8EMLFmQSWtUK0CpUhWzQb%2B%2BbqOlAuh0sSiAkN0L%2FRmbLpm2mKILkXD7RgAnGkX7t5yb0xv8xcDFt8gFL%2BKBuzS96MqroQk0vEMgWX0FivHbnpMTd3amejGtqo0Q1MEWTMnZNb3%2FNvwJBRMnsIkZg4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=5180400
cf-ray: 85e6e94caf6e4331-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Apr 2024 19:07:35 GMT

GET
H2 200 autocomplete.js Show response
static.searchiq.co/js/latest/ 46 KB
12 KB 114ms
114ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.searchiq.co/js/latest/autocomplete.js
Requested by: Host: pub.searchiq.co
URL: https://pub.searchiq.co/js/container/siq-container-2.js?cb=953317&engineKey=d58156ce7e6434cb653f2ae3162f41d4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c815f0cb2d6e09219a33df3ccc339ef983f1a7e5fb90b65b8b136d1afaad6512

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Feb 2024 21:15:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 289582
etag: W/"b8e7e2236d937e2877ede3f3edf8b262-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i08F7bLMcwovLYAQH1LVgybl3d5hbMjXFXlkEBEZyimURJ7ikYV805JiZLyA8CotIYUUoxOjhVMMCZzuZGQ1rYmYMxAR2nEmQmUBs6D30Kbg3fhA1RcvyPFgDp6NQUjYGOL%2BRjWpGjfULGaGUpmgJrg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=5180400
cf-ray: 85e6e94caf714331-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Apr 2024 19:07:35 GMT

GET
H2 200 search-results.js Show response
static.searchiq.co/js/latest/ 71 KB
18 KB 117ms
117ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.searchiq.co/js/latest/search-results.js
Requested by: Host: pub.searchiq.co
URL: https://pub.searchiq.co/js/container/siq-container-2.js?cb=953317&engineKey=d58156ce7e6434cb653f2ae3162f41d4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7691e043b17091e691ed098a443f6afb0cf81acbe235857e51f57c0b537dccb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Feb 2024 21:15:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 289582
etag: W/"507c0e6e405b7a48c04965fe7ee53729-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7TZPuvet8Qv%2FHhOVhtnDKf446Ec8VKr9it2RSCMQr4X6u7XdasJLoOTtAWt7wks8syEVdcBp6Pleuv7uXju0OudzzMic8xF4TS2njXUslUeXnstMw1mNbS77i94W8JjJF156yrGrj781i8XY%2FcDLO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=5180400
cf-ray: 85e6e94caf724331-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Apr 2024 19:07:35 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4A6D 4 KB
2 KB 57ms
15ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 04:33:57 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 4A6D 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?jgNVLQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/ucQKXq92tzM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ucQKXq92tzM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/122/ Frame 4A6D 50 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/122/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 07:32:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14711
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 16:03:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 03 Mar 2024 07:32:29 GMT

GET
H3 200 autocomplete.css
static.searchiq.co/css/latest/ 15 KB
3 KB 30ms
30ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.searchiq.co/css/latest/autocomplete.css
Requested by: Host: static.searchiq.co
URL: https://static.searchiq.co/js/latest/autocomplete.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de75e85c035c2627c705117cd12d90810ac7c6f0359d6541b88abd2f5ef485ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Feb 2024 21:15:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 289583
etag: W/"271b8ae49eb6a65257af7e1ce787587c-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hS7c39WjohodGQj5k0ymyUJhw%2BYluBYw%2FHD0QqosOI4VojfYXT%2Bo3t1OqrEgZuXOMG%2FecPDRTQOM38yIaB%2Fi3kJYOTKoIsK15Vk8okYI15C8tAltY4asJXuwy1Y5ewLyespRCZVl5jsjdHFsRAtY8Mc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=5180400
cf-ray: 85e6e94d2eb86f08-CDG
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Apr 2024 19:07:34 GMT

GET
H3 200 custom.css
api.searchiq.co/api/css/d58156ce7e6434cb653f2ae3162f41d4/ 8 KB
2 KB 29ms
29ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.searchiq.co/api/css/d58156ce7e6434cb653f2ae3162f41d4/custom.css?v=latest&cb=2077235
Requested by: Host: static.searchiq.co
URL: https://static.searchiq.co/js/latest/autocomplete.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adf1a9b642380967dcc1bdf3e07d001afd0e1cce1cf655bbfef0147e826a6de9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Mar 2024 03:02:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5470
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rENPUMqschxjQei3zuIUPFBynROS7MBKWh%2BAUCaKHN4%2B4AtM5hX7f%2FC0NDhihldNNJPbcxa5AuyXL9YvT6zh2Wc%2BIuvzqqYP6RrwvTj3fq%2BnYLJrLpr9HKjVroGTL6NZcaBb635UKy7LXmNJERM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-store
cf-ray: 85e6e94d2eb96f08-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 bh_logo_short-1d6af89eca7e694074a6e0bd9201111a89f1683346b813c99cd5b395cf7d7e23.png
sidebar.bugherd.com/assets/ Frame 3ACF 2 KB
3 KB 18ms
17ms Image
image/png 2606:4700:10::6816:4ad6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sidebar.bugherd.com/assets/bh_logo_short-1d6af89eca7e694074a6e0bd9201111a89f1683346b813c99cd5b395cf7d7e23.png

Requested by

Host: sidebar.bugherd.com
URL: https://sidebar.bugherd.com/sidebar/embed_html?apikey=a6xbv9u1dqakfy2mr1xlyq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4ad6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d6af89eca7e694074a6e0bd9201111a89f1683346b813c99cd5b395cf7d7e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sidebar.bugherd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
strict-transport-security: max-age=0; includeSubDomains
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 949679
content-length: 2267
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1708490758&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=c9Skp3tLNWuc2vElhokx7V3WB%2FYJFoYZSEamnyQtcgQ%3D
last-modified: Wed, 18 Oct 2023 01:51:53 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1708490758&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=c9Skp3tLNWuc2vElhokx7V3WB%2FYJFoYZSEamnyQtcgQ%3D"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 85e6e94e38d019ad-FRA

GET
H2 200 embed.js Show response
sidebar.bugherd.com/ Frame 3ACF 18 KB
6 KB 15ms
15ms Script
text/javascript 2606:4700:10::6816:4ad6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sidebar.bugherd.com/embed.js?apikey=a6xbv9u1dqakfy2mr1xlyq

Requested by

Host: sidebar.bugherd.com
URL: https://sidebar.bugherd.com/sidebar/embed_html?apikey=a6xbv9u1dqakfy2mr1xlyq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4ad6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

013418a7deb316b1d13ecf61cbe4e66cca71a89bcffa6a484d04c535ecd65c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sidebar.bugherd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-encoding: gzip
x-permitted-cross-domain-policies: none
age: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709440436&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=185Ri0gkmbgFzLBFFCBKGgqwNm6YNNotbCt2A6PHm4M%3D
referrer-policy: origin
etag: W/"8dd85fd60421354268ef7d9bed86108e"
x-frame-options: SAMEORIGIN
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: http://sidebar.bugherd.com
cache-control: public, max-age=14400
vary: Accept-Encoding
access-control-allow-headers: x-csrf-token, Content-Type, X-Pusher-Socket-ID
date: Sun, 03 Mar 2024 04:33:57 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
via: 1.1 vegur
p3p: CP="NOI ADM DEV COM NAV OUR STP"
content-length: 6351
x-xss-protection: 1; mode=block
x-request-id: c906a435-a2b4-48fb-971a-97acb3bdbeca
x-runtime: 0.002811
server: cloudflare
x-download-options: noopen
access-control-max-age: 1728000
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709440436&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=185Ri0gkmbgFzLBFFCBKGgqwNm6YNNotbCt2A6PHm4M%3D"}]}
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 85e6e94e38d119ad-FRA

GET
H2 200 resources Show response
sidebar.bugherd.com/sidebar/ Frame 3ACF 573 B
568 B 306ms
306ms Fetch
application/json 2606:4700:10::6816:4ad6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sidebar.bugherd.com/sidebar/resources?apikey=a6xbv9u1dqakfy2mr1xlyq

Requested by

Host: sidebar.bugherd.com
URL: https://sidebar.bugherd.com/embed.js?apikey=a6xbv9u1dqakfy2mr1xlyq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4ad6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d1de0fafe84224f21321eee92e30f47fedbeea0acc8d790977ffcc59ab08180

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sidebar.bugherd.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 03 Mar 2024 04:33:57 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 vegur
p3p: CP="NOI ADM DEV COM NAV OUR STP"
content-length: 369
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709440437&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=cLHE5Dy2JnqfsiVh1A22%2BzY4CK7n1cqAFihKmZ4OkWs%3D
x-request-id: 547781ea-fe75-4058-826a-4c032aba9018
x-runtime: 0.005496
referrer-policy: origin
server: cloudflare
etag: W/"0290a1a03797270f67a9898227a94723"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709440437&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=cLHE5Dy2JnqfsiVh1A22%2BzY4CK7n1cqAFihKmZ4OkWs%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: http://sidebar.bugherd.com
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
cache-control: no-cache
access-control-allow-credentials: true
access-control-max-age: 1728000
accept-ranges: bytes
cf-ray: 85e6e94e58e219ad-FRA
access-control-allow-headers: x-csrf-token, Content-Type, X-Pusher-Socket-ID
vary: Accept,Accept-Encoding

GET
H/1.1 200
OK universal.js Show response
cdn.socialannex.com/partner/9911061/ 6 KB
3 KB 140ms
17ms Script
application/javascript 2a02:26f0:7100::213:c6fa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.socialannex.com/partner/9911061/universal.js
Requested by: Host: www.herinteractive.com
URL: https://www.herinteractive.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::213:c6fa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56cfd4499f57f6d6d18ccb0963f5dd382764f6e32056abe64519cd9613efe5bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 04:33:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jan 2022 13:22:32 GMT
Server: AmazonS3
x-amz-request-id: ZSNCDNEB6PNTV7PA
ETag: "61bf3325575bf6096649b819ac2e0f7c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=93600
Content-Length: 2380
x-amz-id-2: ii3R2YNShdqeQrBxOmn4nh0ByC/l3wApt9JLja/P3EB+qwXcqMLTG7O8zh/7//rgfTTd+BPhHnY=

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 144ms
24ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402220101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bb097ea47120dc9f587acd2728742fa4b8681684da737e1ef4cc3919559465d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12351
x-xss-protection: 0

GET
H3 200 795779737285189 Show response
connect.facebook.net/signals/config/ 6 KB
2 KB 44ms
43ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/795779737285189?v=2.9.148&r=stable&domain=www.herinteractive.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C207%2C144%2C105%2C127%2C120%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

542ac3a79bb3eb7f98c65316a30472318b793bd62ea0e84f5c55f7dce244fda0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 03 Mar 2024 04:33:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: hYvuI7l0DABJoWTHmJogj4poRma5LY51zvVvmZnjrS/PcJR1xDrM8ygrWUDowgC7et6j1aXJCeN2P7rzx+2EpA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 s4-main.min.js Show response
cdn.socialannex.com/s4/v2/js/ 15 KB
4 KB 35ms
20ms Script
application/javascript 2a02:26f0:7100::213:c6fa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.socialannex.com/s4/v2/js/s4-main.min.js
Requested by: Host: cdn.socialannex.com
URL: https://cdn.socialannex.com/partner/9911061/universal.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:7100::213:c6fa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99bb7bb5a021bf12678ccd6e9688ff9279f67b3b7fa227626beb1d2b6f8d11d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:58 GMT
content-encoding: gzip
last-modified: Tue, 07 Jul 2020 13:42:40 GMT
server: AmazonS3
x-amz-request-id: KRS0WV28XQS4A160
etag: "19f6f69213fcead5d3bcfa151002e210"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600
content-length: 4138
x-amz-id-2: zlmPLA7tPQGPY+RdYAGcwMDqs/EJCtqnhBd3szdKtLRALwwD2RT5Paqtd9izThM0utea22agZXA=
quic-version: 0x00000001

GET
H2 200 /
www.facebook.com/tr/ 0
55 B 7ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1658163961105744&ev=ViewContent&dl=https%3A%2F%2Fwww.herinteractive.com%2F&rl=&if=false&ts=1709440438123&sw=1600&sh=1200&v=2.9.148&r=stable&ec=1&o=4126&fbp=fb.1.1709440436813.1210729732&ler=empty&cdl=API_unavailable&it=1709440436688&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 03 Mar 2024 04:33:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 95ms
75ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 04:33:58 GMT

GET
H2 200 sizzle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sizzle/1.10.19/ 18 KB
7 KB 29ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sizzle/1.10.19/sizzle.min.js

Requested by

Host: cdn.socialannex.com
URL: https://cdn.socialannex.com/s4/v2/js/s4-main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b49e9c04eb2c8782592fb989b6b16ec320a17e6bb51db0c8603bb7ef687b931

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 206203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6386
last-modified: Mon, 04 May 2020 16:16:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd4-488b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0JzIcCUUPs2FLmIrWuHEMpfIvUynuRsX4gb6D177JiZvrZyDNtXsbjjFESrYksyqIh2Pc7JWyqIY7KJscE5JyNLAu%2FJ92OAKjMfINGoItwsn3fQ1UB6u9EmP%2FrNRQ1TVwogsvZj4KDQUWgWyUpsVYes"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85e6e9529df5190f-FRA
expires: Fri, 21 Feb 2025 04:33:58 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 7ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=795779737285189&ev=PageView&dl=https%3A%2F%2Fwww.herinteractive.com%2F&rl=&if=false&ts=1709440438168&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=28&ler=empty&cdl=API_unavailable&it=1709440436688&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 03 Mar 2024 04:33:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 get_s4_config.php Show response
s4.socialannex.net/v2/service/ 64 B
570 B 372ms
151ms Script
text/javascript 54.83.166.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.socialannex.net/v2/service/get_s4_config.php?siteid=9911061&incentiveID=1&callback=s4callback_1709440438193
Requested by: Host: cdn.socialannex.com
URL: https://cdn.socialannex.com/s4/v2/js/s4-main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.166.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-166-186.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ea1a22e2beb6c8deaf9edcc69e3d0dfdb67c7cf42b7ee7b957db6ba82255f3fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Mar 2024 04:33:58 GMT
content-encoding: gzip
server: Apache
vary: Origin,Accept-Encoding
p3p: CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"
access-control-allow-origin: *
content-type: text/javascript;charset=UTF-8
cache-control: no-cache,no-store
content-length: 83

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1CE8 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herinteractive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 13:55:48 GMT
expires: Sun, 02 Mar 2025 13:55:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 82ED 829 B
991 B 17ms
17ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b39401423d38537a214bb8e8bfd2e0a19585715935b5e00a0dbcfb5a1cbc5879

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Dpe9lqIFpoaDfzrFwzrhqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herinteractive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Dpe9lqIFpoaDfzrFwzrhqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Mar 2024 04:33:58 GMT
expires: Sun, 03 Mar 2024 04:33:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CE8 40 KB
15 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15753
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Mar 2025 13:32:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 82ED 0
0 41ms
37ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402220101&jk=2144164665191683&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1CE8 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xqeCNA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 getcss_9911061_1.css
cdn.socialannex.com/getcss/9911061/4/ 1 KB
595 B 8ms
8ms Stylesheet
text/css 2a02:26f0:7100::213:c6fa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.socialannex.com/getcss/9911061/4/getcss_9911061_1.css
Requested by: Host: cdn.socialannex.com
URL: https://cdn.socialannex.com/s4/v2/js/s4-main.min.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:7100::213:c6fa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f225317997e2696e6da00c298d573ae78561bd2cb65021bf3d71448402451a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:58 GMT
content-encoding: gzip
last-modified: Fri, 29 Nov 2019 09:09:57 GMT
server: AmazonS3
x-amz-request-id: 6E2XC5YXXYWN1561
etag: "a5d21b09f232e3b01e3431ebaa2d8522"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600
content-length: 571
x-amz-id-2: Df7PEdiewSqu31/ox4Ih7bQ2XYs2iy19e7jgAmy5OkS/d+B6a8URXxqOaqtZQsTnTGsEgRKo4XU=
quic-version: 0x00000001

GET
H2 200 s4_main_iframe.php Show response
s4.socialannex.net/v2/service/ Frame 0B55 11 KB
3 KB 106ms
106ms Document
text/html 54.83.166.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.socialannex.net/v2/service/s4_main_iframe.php?siteid=9911061&saopen=null&src_pageurl=https%3A%2F%2Fwww.herinteractive.com%2F&incid=1&prodesc=The%20official%20site%20for%20Nancy%20Drew%20Games.%20Get%20adventure%20and%20mystery%20games%20for%20girls%20of%20all%20ages.&prodimg=%2F%2Fcdn.socialannex.com%2Fcustom_images%2F9911061%2FN6VJVD_logo2.png&prodtitle=Check%20out%20Nancy%20Drew%20Games%20and%20save%2020%25%20Off%20by%20Her%20Interactive&loyaltyUserId=null
Requested by: Host: cdn.socialannex.com
URL: https://cdn.socialannex.com/s4/v2/js/s4-main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.166.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-166-186.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 192ab0a15418ced584109fee423fa2603af6832d76a26092cf66b7bc2766efad

Request headers

Referer: https://www.herinteractive.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 3112
content-type: text/html; charset=UTF-8
date: Sun, 03 Mar 2024 04:33:58 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/3.1.1/css/ Frame 0B55 98 KB
17 KB 18ms
17ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css

Requested by

Host: s4.socialannex.net
URL: https://s4.socialannex.net/v2/service/s4_main_iframe.php?siteid=9911061&saopen=null&src_pageurl=https%3A%2F%2Fwww.herinteractive.com%2F&incid=1&prodesc=The%20official%20site%20for%20Nancy%20Drew%20Games.%20Get%20adventure%20and%20mystery%20games%20for%20girls%20of%20all%20ages.&prodimg=%2F%2Fcdn.socialannex.com%2Fcustom_images%2F9911061%2FN6VJVD_logo2.png&prodtitle=Check%20out%20Nancy%20Drew%20Games%20and%20save%2020%25%20Off%20by%20Her%20Interactive&loyaltyUserId=null

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s4.socialannex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 04:33:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 860
age: 8044515
cdn-cachedat: 08/25/2022 04:46:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"8a7442ca6bedd62cec4881040b9a9e83"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: dfa42f7d8fed91579a7ade936ecae16d
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 85e6e955cd2a3aa2-FRA
cdn-requestpullsuccess: True

GET
H2 200 c-incentive-cookie.php Show response
c1.socialannex.com/ Frame 2364 0
273 B 308ms
97ms Document
text/html 35.170.87.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.socialannex.com/c-incentive-cookie.php?site_id=9911061&incentive_id=1&random=3828
Requested by: Host: s4.socialannex.net
URL: https://s4.socialannex.net/v2/service/s4_main_iframe.php?siteid=9911061&saopen=null&src_pageurl=https%3A%2F%2Fwww.herinteractive.com%2F&incid=1&prodesc=The%20official%20site%20for%20Nancy%20Drew%20Games.%20Get%20adventure%20and%20mystery%20games%20for%20girls%20of%20all%20ages.&prodimg=%2F%2Fcdn.socialannex.com%2Fcustom_images%2F9911061%2FN6VJVD_logo2.png&prodtitle=Check%20out%20Nancy%20Drew%20Games%20and%20save%2020%25%20Off%20by%20Her%20Interactive&loyaltyUserId=null
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.87.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-87-152.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s4.socialannex.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Mar 2024 04:33:58 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server: Apache

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 40ms
39ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402220101&jk=2144164665191683&bg=!-Pul-7TNAAauXHXJjlw7ADQBe5WfOKLY3eB0Lyaj9xZ6xntXAFZie5zBZvVPk-23rWcQe1ear9b2aYlCDXRJBQ0-bEx1AgAAADNSAAAAAmgBBwoAFzHeaWTyFlZ6HDrCEvO8M0hka3njhyafmQLNlUsCJ91GEJGMDlPFHe91hhupR8W4Fijg0q95gotF5uHwswYtYKqtmDC9A0czVHO0haAEBTVynCvqg_vTVpKpvDp5ZAu9FatUuzsLHtU261JXUfvtt5dijUA3zIYu8uayZ0bafZf_pc7klr6VKq6GEYBN-NC_twmO8H3aFBIWErAvdHQaMhzfkE8l6tyjlNS8JeVnCpUmZvzmX6V8thqzqc_MoydSacfFFvwVrSO6Iuz-seWKDn7b8GMgzLEHUf3wQxlaCwQLL2coF-84YP9X4owe2xozK70e9XJGg1tcs0liwZLaV2OsNvDPbb2IFyiIwMERCalyJvsibkvQyZk9wqJZbq1t22Ek8N9EoVtq9_kMKvrStx1lz8aFVkOUWX--RGQToraj2FCJtypJwDH_vJtKvWpYojX1FkgZYdIFDIk4oR3eaqc51S5rdkA9fDyjgDqYEteZRATNcPinY88ITEe-Kasx-gGSO8nZYH3zk_ZbEwSUulzWaWwSY7tYWghqzBte7aDHFxTpCrlq471GbHqEhawT13zGhk9VGUkIfjEPrbVjB4lYZ-5kHGI_jbW7ifx-ymn-7k6MY1wKeJuLw8DKEHVWbnFN7N4qRaQDx2oFxYohMkrvVwn3L1K4rCmXdjB8fcq1eWwLUctBQ9_KsjEeeTULeVNL6FQ3-nTNDoFR8f7EPBOb1O3hlpRtJ0xia-CozdK_wsix6KqKkfvhZ5xL_aGacrQbUBtMmJ4AI_dXTwpj1JI-uNoCPE-UUZ3cucCgmxzAx8ul6FPxBvT71x7ajD4taVytNCADrrCzdVfB33yA-ZsXhAmLKK4toIRJF3l8RpGabRoZH14xN8aQ3dQ5qgPbMvQK2hAAS0EjIb87Ibhjzkn6TgVEmJ7d8wRo6xzRwY8QebrXcfN4CULtTC_eZZF_JWqHyyCV9CPjBBIQijFg5r0xngazMvJq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.herinteractive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4A6D 28 B
50 B 20ms
19ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-Goog-Request-Time: 1709440439119
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ucQKXq92tzM
X-YouTube-Client-Version: 1.20240227.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgsydXNRaUtjQXZYOCi0-4-vBjIKCgJERRIEEgAgDw%3D%3D
X-YouTube-Ad-Signals: dt=1709440436931&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 03 Mar 2024 04:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 18:50:41	Name: test_cookie Value: CheckForPermission
.herinteractive.com/	1970-01-21 04:26:40	Name: _ga_66B4NH7G1X Value: GS1.1.1709440436.1.0.1709440436.60.0.0
.herinteractive.com/	1970-01-21 04:26:40	Name: _ga Value: GA1.1.501921739.1709440437
.herinteractive.com/	1970-01-20 21:00:16	Name: _fbp Value: fb.1.1709440436813.1210729732
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: JVMwqJAJuv8
.youtube.com/	1970-01-20 23:09:52	Name: VISITOR_INFO1_LIVE Value: 2usQiKcAvX8
.searchiq.co/	1970-01-20 18:50:42	Name: __cf_bm Value: XlcoNYyLafYpXXFcMznZRW8VYRG2yq9gfw4VbPkcR80-1709440436-1.0.1.1-MS0zEQpYKY38_PuMhitQvl1C3g157gro.Wadc4BO18FolsedmhlGAukml0CfYeFvUBUg3fQvTQAep3Ryo2X9_w
.herinteractive.com/	1970-01-20 23:09:52	Name: __eoi Value: ID=94d8601293460983:T=1709440436:RT=1709440436:S=AA-AfjZh6cbbJSDDH5FHVraUCVlu
.socialannex.net/	1970-01-21 03:36:16	Name: 9911061_s4_servecount Value: v79eq6k86f
.socialannex.net/	1970-01-21 03:36:16	Name: incentive_9911061 Value: 1_0_1_4_1
www.herinteractive.com/	1970-01-20 18:52:06	Name: s4_visits Value: 1
.socialannex.com/	1970-01-21 04:26:40	Name: incentive_9911061 Value: 1_0_1_4_1

38 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1658163961105744?v=2.9.148&r=stable&domain=www.herinteractive.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.herinteractive.com/wp-admin/admin-ajax.php Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.herinteractive.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.searchiq.co
c1.socialannex.com
c5ee46694b24af8675fc2b12dcf50fab.safeframe.googlesyndication.com
cdn.jsdelivr.net
cdn.socialannex.com
cdnjs.cloudflare.com
connect.facebook.net
d1eoo1tco6rr5e.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
insight.adsrvr.org
jnn-pa.googleapis.com
maxcdn.bootstrapcdn.com
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
pub.searchiq.co
region1.analytics.google.com
s4.socialannex.net
securepubads.g.doubleclick.net
sidebar.bugherd.com
static.doubleclick.net
static.searchiq.co
stats.g.doubleclick.net
tpc.googlesyndication.com
www.bugherd.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.herinteractive.com
www.youtube.com
yt3.ggpht.com
104.196.213.160
13.225.83.200
142.250.186.130
2001:4860:4802:34::36
2606:4700:10::6816:4ad6
2606:4700::6810:5914
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:806::2001
2a00:1450:4001:808::2016
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2008
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200a
2a00:1450:400c:c02::9c
2a02:26f0:7100::213:c6fa
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
3.33.220.150
35.170.87.152
54.83.166.186
013418a7deb316b1d13ecf61cbe4e66cca71a89bcffa6a484d04c535ecd65c90
02a1d8f91170832badcc90c589f0b716202172c57421404103c2e4adcaea4601
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
192ab0a15418ced584109fee423fa2603af6832d76a26092cf66b7bc2766efad
1a8d3ecee24ed2ef6a90d020f73492e00018feae220e58ad9788e2964003d087
1d6af89eca7e694074a6e0bd9201111a89f1683346b813c99cd5b395cf7d7e23
22190435a81c75d7b83ea0b778066adcf3d1f931a128c03651aff7438e1f1b7c
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
265c682e56e54a7b2799aee27ce9d738064a3cb259462925174e4a9c87116549
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
29d3fd1cef3a77ae809f0ab0ed74bdc2c4f604809fef572f5c1215507321d652
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2de9899bb34107a4355943c3752b8193992d4f2fbf4579989f04bc72e536aca6
2f225317997e2696e6da00c298d573ae78561bd2cb65021bf3d71448402451a8
32218f6f5efc02567e553c2216ea08109419d85617a9a07df85dee52a23ada76
3b0a04f5aa3291e26f44613add53e1bbd56a09147f6a0b390dc4c3369dd1731d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a8a6c5d689ab55a02434c2e9080966aef03ce20cb30b70c7b367effd48ea933
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
542ac3a79bb3eb7f98c65316a30472318b793bd62ea0e84f5c55f7dce244fda0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cfd4499f57f6d6d18ccb0963f5dd382764f6e32056abe64519cd9613efe5bd
59bffddaec5c82345d1a66114541e6ea3b05072f6fced7d66cae6d0309383160
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bba92f99f2514add495efe994a74f8602180e17ff646d9d4260f3bc8302f043
5bddb1d00c98a3623bd08ecdd521a4324328b4fd5d3700b6ddd1f0f66d6ebeb4
5cc2ce62ac6120c9603ccf6aa97b996e11b061d0d9361fe5662946bfefaeb8f1
5f960119fff15c0089fb30e4460c7caad6768e92bef65d85c947b0272d9a4b15
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64ac7fb7a606a3e8d25ab8de446debcb97441c10258e7c654516e0f08b7d01fe
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7
6b49e9c04eb2c8782592fb989b6b16ec320a17e6bb51db0c8603bb7ef687b931
6bb23a6c1a51b26c290ef80dcd9c4af0147e1eade6645e32bd0bb8010451bcdb
6bb8e37f2f56e3c68f63f044471b5d20a00b400b205cba87c0c692c2f770454b
6d1a8930c1bb68a5a98d862f037fc4fc4a5e54112f1c92ba5ed960ce74d60d29
6d23edf6e480d0bf0e24c6d333c8c52363e26d07b543c7be972c34c7a170da7c
6eef94142717dc0a43112a95f3af7c29e300d217ad4d66de615ca50ac581c8aa
71e1bc3730bedb6244c94ed7fbe0679593231e56fab68cb639d2bec476dc3ebd
765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74
768b2c41b5b1af4878b6607d3b0f17e650350ecba202e426e2c1dd881d049331
7691e043b17091e691ed098a443f6afb0cf81acbe235857e51f57c0b537dccb8
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7ba93c5f64511538593335e5d61ceb85ad22381bc809ca85908db07322060585
7bb097ea47120dc9f587acd2728742fa4b8681684da737e1ef4cc3919559465d
7dd415624ecbba3d9ed1e163260a85a20a375d4b81a01689ee663f21ccde35c0
81dc8d8e9a84f2311c4e14be1ca8bdefe710b75b1ae4a36b806ae27a9098b9f5
831e8ccba89b7f1dea3f581481146510e530f49fce2279bad55feae8aea42c13
836881a5f8484865d73254c7707b85ba49cc7affc9081c69c40e70f7c327f704
847661d6ea71238999e2218bbf661384d2b38655419818e2bc142314623a6131
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
8763b475e37bfac2fe719cee8041ce66deb6dae6802e5ab885ef241073baacfe
891fe6e4ce6838ae786178ab94dd0debfd66a786d62a28a67a5da0ab313cc8dd
8ae38d44627202218c2501ed8c9950eca6e2d9df86e944d5fe71754edfb8fd72
8d1de0fafe84224f21321eee92e30f47fedbeea0acc8d790977ffcc59ab08180
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9240d777eb64cf49623a4b94120b9939e9a60348996672d112b8a3e0492bd0e7
99bb7bb5a021bf12678ccd6e9688ff9279f67b3b7fa227626beb1d2b6f8d11d2
9cccd4d3bb1424c0ce0322a6ef3602537e70dd9eb50dd540764a518c7a2eed7d
9cdde88da8a69e112c037d4faedb4369f63d0b32b015aeb8a29ca603563a1910
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce
a5fbb43cd31f069d139ccc116ea800c029aabe50fde05fecdcbe0028f7e51aac
adf1a9b642380967dcc1bdf3e07d001afd0e1cce1cf655bbfef0147e826a6de9
af92e92bdd6eb796c55b3aab8839b33b92fd40828d2a59359c81d979e55c98c4
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b39401423d38537a214bb8e8bfd2e0a19585715935b5e00a0dbcfb5a1cbc5879
b6768247b46c239d6c68adb931488d0c31dca808e63bdb45e4f228610a92f685
bafee7ddcef9537322bf5a84d234eee48b357cf612d7916747bf6962618cd65b
bd4750a7638750ac9bee99263d3961fe8753f916ff9a175fc9c69599579485b3
c446d0e467059aa65a85f3230254a0829472e60c6032068d4c7b073e768aaf3c
c815f0cb2d6e09219a33df3ccc339ef983f1a7e5fb90b65b8b136d1afaad6512
c878ae01acb387b657157bdb20eacf932bfce70c26800dacb97a0023a2adc70c
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
ca7f76c08696341125a7f2f7c11e56ca762e67fc3afd64b02d820128c8e13867
cbd5998fc0b95415f437f9356658afab3147f831dd0793969e27b9840f7253e1
cfe3d24f588584efd9268e09362fafb4365c90fab9e685a1a79d07b150adbf99
d1ec4c01363d109580e510c867af94e36d2a9f3a3bfd39db288ee0dbd495f47a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbbe4e8229134375fb2b3d9609c4256f4f1ab52bdbbbf3f4393d041643c87306
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de339f2baa0904241f06c185f1479cb087aa5f393abf82f0f365ead91e62ad82
de75e85c035c2627c705117cd12d90810ac7c6f0359d6541b88abd2f5ef485ec
e07323f3afec4d23951d1567cb63c88945d6a408c9baa0cffd446c14559ec1f9
e17e6c412d2159ad058eea653b9286f8617781dd517dd07b2171d669c8c7075a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
ea1a22e2beb6c8deaf9edcc69e3d0dfdb67c7cf42b7ee7b957db6ba82255f3fb
ec0aba00242980737b1aa3b813009140651a3320f52832b6a2c5a5733f535411
ec50e4861ef5d6b8ea90d3679b6e95ea5b29195e702045b8dcd3750e5ddd36e1
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c93ff4bccf15c84d98bf8d39050ea09caa29bd718b79d30f1548f8cd999a8c
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8dc912fbe7d998c8aad64c54c6963e09c495d9967b3a88785e01778f7a97ad3
fce142aecdaf2c7c5f1ca34d5372a09cd7c2c644f94d7c0562745c6937faed98
fed9d2aeccc177d96557ee36e5ec7375b10e9009dfff27fc53b9ed8203dbe234

www.herinteractive.com Open in urlscan Pro 104.196.213.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

98 %HTTPS

83 %IPv6

24 Domains

38 Subdomains

36 IPs

3 Countries

15227 kBTransfer

20122 kBSize

12 Cookies

14 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.herinteractive.com Open in urlscan Pro
104.196.213.160 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

98 %
HTTPS

83 %
IPv6

24
Domains

38
Subdomains

36
IPs

3
Countries

15227 kB
Transfer

20122 kB
Size

12
Cookies

118 HTTP transactions
1 data transactions