bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link Open in urlscan Pro
2602:fea2:2::1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u27095954.ct.sendgrid.net/ls/click?upn=uhOGxSTFTYg06fGuRVOAt17aduQYMESl-2BoEfw-2BOVofuCOZXAkeU722Trb9rdZCST1hKmWdfCEUQHGt4...
Effective URL:
https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
Submission: On June 14 via manual (June 14th 2022, 12:44:45 pm UTC) from US — Scanned from DE

Summary HTTP 160 Redirects Behaviour Indicators

Summary

This website contacted 57 IPs in 4 countries across 49 domains to perform 160 HTTP transactions. The main IP is 2602:fea2:2::1, located in United States and belongs to PROTOCOL, US. The main domain is bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link.
TLS certificate: Issued by R3 on May 26th 2022. Valid for: 3 months.

This is the only time bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.122 167.89.123.122	11377 (SENDGRID) (SENDGRID)
3	2602:fea2:2::1 2602:fea2:2::1	40680 (PROTOCOL) (PROTOCOL)
1	173.208.219.12 173.208.219.12	32097 (WII) (WII)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 55	52.162.218.125 52.162.218.125	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
5	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:803::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:223... 2600:9000:223d:ca00:12:de4a:40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:223... 2600:9000:223c:2c00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2 5	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
12	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	69.192.161.152 69.192.161.152	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.57.130.8 52.57.130.8	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	108.138.17.80 108.138.17.80	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 2	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.213.203.65 52.213.203.65	16509 (AMAZON-02) (AMAZON-02)
1	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.185.225.109 18.185.225.109	16509 (AMAZON-02) (AMAZON-02)
1 1	108.138.17.27 108.138.17.27	16509 (AMAZON-02) (AMAZON-02)
1 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	18.210.53.250 18.210.53.250	14618 (AMAZON-AES) (AMAZON-AES)
1 2	69.192.160.245 69.192.160.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4200:89fa:b3ea:e7c5:29d9	14618 (AMAZON-AES) (AMAZON-AES)
1	34.250.36.127 34.250.36.127	16509 (AMAZON-02) (AMAZON-02)
1	54.171.37.193 54.171.37.193	16509 (AMAZON-02) (AMAZON-02)
1 2	18.195.192.101 18.195.192.101	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	52.222.236.129 52.222.236.129	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.74 18.66.122.74	16509 (AMAZON-02) (AMAZON-02)
1	52.48.114.92 52.48.114.92	16509 (AMAZON-02) (AMAZON-02)
1	23.35.229.56 23.35.229.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	3.92.120.28 3.92.120.28	() ()
160	57

1 167.89.123.122 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x122.outbound-mail.sendgrid.net

u27095954.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:fea2:2::1 (United States)

ASN40680 (PROTOCOL, US)

bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.208.219.12 (United States)

ASN32097 (WII, US)
PTR: salty.sheparddietimportance.us

www.pngitem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 52.162.218.125 (Chicago, United States) 6 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.avera.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:ca00:12:de4a:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

30531.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:2c00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20770730p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.161.152 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-161-152.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.130.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-130-8.eu-central-1.compute.amazonaws.com

69057.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.17.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-80.fra56.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.90 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.203.65 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-203-65.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.225.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-225-109.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.27 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-27.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.53.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-53-250.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.245 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-245.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:89fa:b3ea:e7c5:29d9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.36.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-36-127.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.37.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-37-193.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.192.101 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-192-101.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-129.fra56.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-74.fra60.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.114.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-114-92.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.92.120.28 (None, )

ASN- ()

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	avera.org 6 redirects www.avera.org — Cisco Umbrella Rank: 232167	1 MB
12	youtube.com www.youtube.com — Cisco Umbrella Rank: 100	826 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 96	200 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2036 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3833 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3819 tracking.crazyegg.com — Cisco Umbrella Rank: 3678	34 KB
7	gstatic.com t3.gstatic.com fonts.gstatic.com www.gstatic.com	81 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 91	851 B
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 329 fonts.googleapis.com — Cisco Umbrella Rank: 67 jnn-pa.googleapis.com — Cisco Umbrella Rank: 324	61 KB
5	rfihub.com 2 redirects 20770730p.rfihub.com — Cisco Umbrella Rank: 870606 a.rfihub.com — Cisco Umbrella Rank: 3359 p.rfihub.com — Cisco Umbrella Rank: 796	7 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 217 static.doubleclick.net — Cisco Umbrella Rank: 411	3 KB
5	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1573 m.addthis.com — Cisco Umbrella Rank: 1515 x.dlx.addthis.com — Cisco Umbrella Rank: 1199	217 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	277 KB
3	rlcdn.com 1 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 344	524 B
3	teads.tv p.teads.tv — Cisco Umbrella Rank: 7028 cm.teads.tv — Cisco Umbrella Rank: 7429 t.teads.tv — Cisco Umbrella Rank: 2427	7 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 389	12 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 9	14 KB
3	dweb.link bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link	6 KB
2	pardot.com pi.pardot.com	3 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 687	607 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 530	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 623	2 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 212	2 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 247	2 KB
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 7332	42 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 793 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2534	29 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 122	37 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 236	3 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 468	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 459	377 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1068	183 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1979	109 B
1	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 1741	791 B
1	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1172	105 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 553	616 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1079	344 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 358	239 B
1	siteimproveanalytics.io 69057.global.siteimproveanalytics.io — Cisco Umbrella Rank: 754238	620 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1819	932 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 413	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5111	548 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5423	6 KB
1	tctm.co 30531.tctm.co — Cisco Umbrella Rank: 711003	17 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 133	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1423	40 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 4126	6 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 246	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 686	24 KB
1	pngitem.com www.pngitem.com — Cisco Umbrella Rank: 58498	55 KB
1	sendgrid.net 1 redirects u27095954.ct.sendgrid.net	313 B
160	49

	Domain	Requested by
55	www.avera.org	6 redirects bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link www.avera.org
12	www.youtube.com	www.avera.org www.googletagmanager.com www.youtube.com
9	www.googletagmanager.com	www.avera.org www.googletagmanager.com
6	www.facebook.com	www.avera.org
4	jnn-pa.googleapis.com	www.youtube.com
4	connect.facebook.net	bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link connect.facebook.net
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	idsync.rlcdn.com	1 redirects www.avera.org
3	p.rfihub.com	2 redirects www.avera.org
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.avera.org
3	s7.addthis.com	www.avera.org s7.addthis.com
3	www.google.com	1 redirects www.avera.org www.youtube.com
3	bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link	bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
2	pi.pardot.com	bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link pi.pardot.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects www.avera.org
2	sync.search.spotxchange.com	1 redirects www.avera.org
2	dsum-sec.casalemedia.com	1 redirects www.avera.org
2	dpm.demdex.net	1 redirects www.avera.org
2	ib.adnxs.com	1 redirects www.avera.org
2	cm.g.doubleclick.net	2 redirects
2	solutions.invocacdn.com	bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link solutions.invocacdn.com
2	googleads.g.doubleclick.net	www.googleadservices.com www.youtube.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	t.teads.tv	www.avera.org
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	beacon.krxd.net	www.avera.org
1	aa.agkn.com	www.avera.org
1	partners.tremorhub.com	www.avera.org
1	x.dlx.addthis.com	www.avera.org
1	bpi.rtactivate.com	www.avera.org
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	www.avera.org
1	contextual.media.net	www.avera.org
1	ps.eyeota.net	www.avera.org
1	pixel.rubiconproject.com	www.avera.org
1	a.rfihub.com	www.avera.org
1	cm.teads.tv	p.teads.tv
1	69057.global.siteimproveanalytics.io	www.avera.org
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	www.google.de	www.avera.org
1	20770730p.rfihub.com	c1.rfihub.net
1	p.teads.tv	www.googletagmanager.com
1	c1.rfihub.net	bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
1	30531.tctm.co	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	siteimproveanalytics.com	www.avera.org
1	fonts.googleapis.com	www.avera.org
1	t3.gstatic.com
1	stackpath.bootstrapcdn.com	bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
1	ajax.googleapis.com	bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
1	maxcdn.bootstrapcdn.com	bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
1	cdnjs.cloudflare.com	bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
1	code.jquery.com	bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
1	www.pngitem.com	bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
1	u27095954.ct.sendgrid.net	1 redirects
160	65

This site contains no links.

Subject Issuer	Validity	Valid
stage.ipfs.io R3	`2022-05-26` - `2022-08-24`	3 months	crt.sh
pngitem.com R3	`2022-05-06` - `2022-08-04`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.avera.org DigiCert TLS RSA SHA256 2020 CA1	`2021-12-14` - `2023-01-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.tctm.co Amazon	`2021-10-09` - `2022-11-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.rfihub.net Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.global.r1.siteimproveanalytics.io Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
invocacdn.com Amazon	`2021-11-24` - `2022-12-22`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
rtactivate.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
Frame ID: 70D684721D909D3E45FB7592B176192B
Requests: 12 HTTP requests in this frame

Frame: https://www.avera.org/
Frame ID: 6E84DB1DF141725001E954F0AE0A917D
Requests: 108 HTTP requests in this frame

Frame: https://20770730p.rfihub.com/ca.html?ver=9&rb=26159&ca=20770730&_o=26159&_t=20770730&pe=https%3A%2F%2Fwww.avera.org%2F&pf=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F&ra=5765524946031049
Frame ID: 50B8727374AB955377498F366A263FFF
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TKqKSCG_tk4
Frame ID: 509A261280BE9B0A5397989E81D73E86
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
Frame ID: 34E3E8FFB66310F1F4F645D7794F880F
Requests: 20 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: DCDF5AAF86FF999249445C250E3F845F
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: C76183CB532220073AF8DD91E4487993
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail Portal Login - avera.org

Page URL History Show full URLs

https://u27095954.ct.sendgrid.net/ls/click?upn=uhOGxSTFTYg06fGuRVOAt17aduQYMESl-2BoEfw-2BOVofuCOZXAkeU722Trb9r... HTTP 302
https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

160
Requests

88 %
HTTPS

47 %
IPv6

49
Domains

65
Subdomains

57
IPs

4
Countries

3165 kB
Transfer

8230 kB
Size

38
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u27095954.ct.sendgrid.net/ls/click?upn=uhOGxSTFTYg06fGuRVOAt17aduQYMESl-2BoEfw-2BOVofuCOZXAkeU722Trb9rdZCST1hKmWdfCEUQHGt4uoA6xt2BxHTopd24tN-2F4igBkq3FvAZfRpllHK2OxzYA7jH-2FB5xqbKWbikUTOIpYVk-2BaEsC6vlV41rU5giwvVf6pptRWc-3DZwUW_3fFRyxjWaJCUFnAGuEvdv8CGUIRsNb9eH22GRJKmuXsT0sv7vOutTsv6uECy5-2FC3QK4Ek0QGPquk9jIHdeO0ZNpnzBYf1-2FGfL4-2BLtPfYCH2ouB3yWzT6fW32oZWNTT02tyqL793toj9O-2F-2FjwpVzsUR4hcseQxaI-2BbKiBFIAQ7-2BlrrI04OC3LcbxLo-2Bew8ec5RneVWcQporLj-2BqX8cLO82a4hORsYVgAL4h8DGoWIQKI-3D HTTP 302
https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.google.com/s2/favicons?domain=avera.org HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://avera.org&size=16

Request Chain 39

https://www.avera.org/app/files/public/t-cells-attacking-cancer-cell-illustration.jpg?size=small HTTP 302
https://www.avera.org/app/files/public/82766/t-cells-attacking-cancer-cell-illustration.jpg?size=small

Request Chain 40

https://www.avera.org/app/files/public/young-woman-eyes-closed-smiling.jpg?size=small HTTP 302
https://www.avera.org/app/files/public/82767/young-woman-eyes-closed-smiling.jpg?size=small

Request Chain 41

https://www.avera.org/app/files/public/social-determinants-of-health-illustration.jpg?size=small HTTP 302
https://www.avera.org/app/files/public/82765/social-determinants-of-health-illustration.jpg?size=small

Request Chain 89

https://www.avera.org/app/files/public/t-cells-attacking-cancer-cell-illustration.jpg HTTP 302
https://www.avera.org/app/files/public/82766/t-cells-attacking-cancer-cell-illustration.jpg

Request Chain 90

https://www.avera.org/app/files/public/young-woman-eyes-closed-smiling.jpg HTTP 302
https://www.avera.org/app/files/public/82767/young-woman-eyes-closed-smiling.jpg

Request Chain 91

https://www.avera.org/app/files/public/social-determinants-of-health-illustration.jpg HTTP 302
https://www.avera.org/app/files/public/82765/social-determinants-of-health-illustration.jpg

Request Chain 106

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMDk2NDAzODk3Nw==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEP6ogvh96RFwnongX6BZras&google_cver=1

Request Chain 107

https://ib.adnxs.com/setuid?entity=18&code=5140084920964038977 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084920964038977

Request Chain 109

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084920964038977&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084920964038977&redir=

Request Chain 110

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5140084920964038977&bid=omt9pi0

Request Chain 113

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084920964038977&referrer=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=73975b98-4ffd-4687-8267-7d0535295d0a%3A1655210683.9&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D73975b98-4ffd-4687-8267-7d0535295d0a%253A1655210683.9 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=73975b98-4ffd-4687-8267-7d0535295d0a%3A1655210683.9 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJVIIP-5g034ERrdcBfAg3g&google_cver=1

Request Chain 115

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084920964038977&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084920964038977&forward=&C=1

Request Chain 118

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084920964038977&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084920964038977&img=1&__user_check__=1&sync_id=c3f8023b-ebdf-11ec-9086-156973b60406

Request Chain 122

https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084920964038977&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084920964038977&expires=30

Request Chain 123

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YqiCvAAI3G6c7wAo HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YqiCvAAI3G6c7wAo&_test=YqiCvAAI3G6c7wAo

160 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
Redirect Chain

https://u27095954.ct.sendgrid.net/ls/click?upn=uhOGxSTFTYg06fGuRVOAt17aduQYMESl-2BoEfw-2BOVofuCOZXAkeU722Trb9rdZCST1hKmWdfCEUQHGt4uoA6xt2BxHTopd24tN-2F4igBkq3FvAZfRpllHK2OxzYA7jH-2FB5xqbKWbikUTOIpY...
https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/

14 KB
6 KB

41ms
7ms

Document
text/html

2602:fea2:2::1
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL

https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),

Reverse DNS

Software

openresty /

Resource Hash

f3164bf8bcf72bfb5d57247b424d008ff562c630244d32407cb6253c82f7af8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-methods: GET GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-encoding: gzip
content-type: text/html
date: Tue, 14 Jun 2022 12:44:40 GMT
etag: W/"bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm"
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: openresty
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-ipfs-gateway-host: ipfs-bank2-fr2
x-ipfs-lb-pop: gateway-bank3-fr2
x-ipfs-path: /ipfs/bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm/
x-ipfs-pop: ipfs-bank2-fr2
x-proxy-cache: HIT

Redirect headers

Connection: keep-alive
Content-Length: 132
Content-Type: text/html; charset=utf-8
Date: Tue, 14 Jun 2022 12:44:40 GMT
Location: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/#angela.fontaine@avera.org
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 404 jquery-1.11.1.min.js.download
bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/js/ 0
0 13ms
12ms Script
text/plain 2602:fea2:2::1
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL

https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/js/jquery-1.11.1.min.js.download

Requested by

Host: bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
URL: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:40 GMT
x-content-type-options: nosniff
x-ipfs-pop: ipfs-bank7-fr2
x-ipfs-lb-pop: gateway-bank3-fr2
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
content-length: 201
server: openresty

GET
H2 404 favicons
bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/images/ 188 B
188 B 13ms
13ms Image
text/plain 2602:fea2:2::1
PROTOCOL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/images/favicons

Requested by

Host: bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
URL: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),

Reverse DNS

Software

openresty /

Resource Hash

95a24402108bec4d1b360a52e00004f522d96ee204e384bcfe834c8dceb03c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:40 GMT
x-content-type-options: nosniff
x-ipfs-pop: ipfs-bank7-fr2
x-ipfs-lb-pop: gateway-bank3-fr2
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
content-length: 188
server: openresty

GET
H/1.1 200
OK 26-269507_arbys-logo-transparent-norton-secured-logo-png-png.png
www.pngitem.com/pimgs/m/ 55 KB
55 KB 871ms
559ms Image
image/png 173.208.219.12
WII

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pngitem.com/pimgs/m/26-269507_arbys-logo-transparent-norton-secured-logo-png-png.png
Requested by: Host: bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
URL: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.208.219.12 , United States, ASN32097 (WII, US),
Reverse DNS: salty.sheparddietimportance.us
Software: nginx/1.14.0 /
Resource Hash: 42171d76548498998da88f032aba50a028b9481fd7004a9a3b5d3b8d98fe48a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:41 GMT
Last-Modified: Tue, 15 Oct 2019 13:09:45 GMT
Server: nginx/1.14.0
ETag: "5da5c519-db2d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56109

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 41ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
URL: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
Origin: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:40 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-10fdd"
vary: Accept-Encoding
x-hw: 1655210680.dop004.fr8.t,1655210680.cds272.fr8.hn,1655210680.cds257.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 23856

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 67ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
URL: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
Origin: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 391637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6157
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVJ5gfPjVyO0H6ykvNRo9hNoa32LPxSX%2Bghtp5pjlGWMMg%2BREwoAwejMbKJ%2BpYLg0KkZ1mHWcjpTbXQEfwshZZowMc2%2FB0cDFrqJK%2FmxvDxBKhglftvcYG7T7IHaLYYQ%2F5HjaEEytlEVsNYbKgjLy6Rq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71b328a1bb1acc4a-ZRH
expires: Sun, 04 Jun 2023 12:44:40 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 53ms
26ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
URL: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
Origin: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 860
age: 3393
cdn-cachedat: 03/10/2022 17:24:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 88fc33955049777eac3ff647e812349a
cf-ray: 71b328a1bc7bcc46-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
URL: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 09:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 09:07:30 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
15 KB 57ms
25ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
URL: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 718, 718
age: 4178439
cdn-cachedat: 2021-04-27 05:43:19
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5f4af7230ff4eacb884d4c87f6925b67
cf-ray: 71b328a1cc8bcc46-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 558 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 578254b8c8e53db6ffe80754d29a9db454d8818885ac826b11e9b95389618b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 520 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2172033cc841f94e32ca4412cd380e43d873a9e74e54aee03f0d26ed72d20be5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
www.avera.org/ Frame 6E84 46 KB
18 KB 1063ms
793ms Document
text/html 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/
Requested by: Host: bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
URL: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: d8c773f8d049754f9432e8c9a2caaae56a656bb3f0eb1a52e98382aff545ee8a

Request headers

Referer: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 17509
Content-Type: text/html; charset=utf-8
Date: Tue, 14 Jun 2022 12:44:42 GMT
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-UA-Compatible: IE=Edge,chrome=1

GET
H2

200

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=avera.org
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://avera.org&size=16

792 B
1 KB

50ms
7ms

Image
image/png

2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://avera.org&size=16

Protocol

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b7a865fabf2357352518bb072b270ba3568a87afc6ebb6c103ac891828b2f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 11:15:49 GMT
x-content-type-options: nosniff
age: 178132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 792
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.avera.org/favicon.ico
expires: Sun, 19 Jun 2022 11:15:49 GMT

Redirect headers

date: Tue, 14 Jun 2022 12:44:41 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://avera.org&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Tue, 14 Jun 2022 13:14:41 GMT

GET
H/1.1 200
OK default.css
www.avera.org/css-min/ Frame 6E84 24 KB
8 KB 220ms
115ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/css-min/default.css
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: abe2cac72ed872f31e123a48df71a53174cc36dbefc4164e526e456d1482f159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jun 2022 19:19:06 GMT
Server: Microsoft-IIS/8.5
ETag: "0f1f6725a7fd81:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 7937
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK client.css
www.avera.org/css-min/ Frame 6E84 87 KB
26 KB 340ms
118ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/css-min/client.css
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 5bd1509337ed0340671fe3a20fd38f2bb22718239f709014cdf99f251bd7808c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jun 2022 19:19:06 GMT
Server: Microsoft-IIS/8.5
ETag: "0f1f6725a7fd81:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 26216
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK avera.css
www.avera.org/css-min/ Frame 6E84 294 KB
72 KB 360ms
135ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/css-min/avera.css
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: b5235e4801e655e7d25a202bae251753fc2a4b24e196d35c8f3c03bbd4f1df79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jun 2022 19:19:06 GMT
Server: Microsoft-IIS/8.5
ETag: "0f1f6725a7fd81:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 72982
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK home.css
www.avera.org/css-min/templates/ Frame 6E84 5 KB
3 KB 362ms
137ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/css-min/templates/home.css
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: c933b53cece56ce24891abe3a2e0cdc4716feb52a662fcc5718f189b5461ff27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jun 2022 19:19:15 GMT
Server: Microsoft-IIS/8.5
ETag: "80dc95785a7fd81:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2160
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
www.avera.org/scripts/ Frame 6E84 93 KB
47 KB 356ms
130ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/jquery-1.11.3.min.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 67f31bf65c22382c6fad74dd5d556deaf4e108f270ac95f87d89df69c8ed1a12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Jun 2022 16:58:04 GMT
Server: Microsoft-IIS/8.5
ETag: "0f6fa3feb7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 47758
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
www.avera.org/scripts/ Frame 6E84 7 KB
5 KB 353ms
127ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/jquery-migrate-1.2.1.min.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 May 2022 21:00:36 GMT
Server: Microsoft-IIS/8.5
ETag: "0b230558c61d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 4079
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ Frame 6E84 150 KB
67 KB 364ms
138ms Script
text/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/WebResource.axd?d=omLPgGeJNC_y7GFjEXlaQLIldGYw4Oh0081evCARb1Vx57lXLky5915CjeJ3UaW_3OsKvY-dAw-Dv65cngerRr9kzoF3A21xGotcr16GwuOx7j8jCH8necdHDcHhESMzWiNRu0QOoeV8XdkNYcTbHQ2&t=637874496180000000
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: f71c83b780b0c98b06edf84b7c4f1dd190b8ee819b2cedb0cf6f37e184f697b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 May 2022 21:00:18 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: Wed, 14 Jun 2023 12:00:49 GMT
Cache-Control: public
Content-Length: 68352
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ Frame 6E84 14 KB
4 KB 459ms
116ms Script
text/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/WebResource.axd?d=4UFlqIq8P5vCqX7mGiiCoiYajF5qqMK4eXrfRm20qRSmjebHCDxmFewFviNSce0tRLIuJS8RSusI_V43dzNNKzWIBV23GD5pxiL50mxZJVIHbHBn6SXcLqCdWDlEnf7PywP3dXMjABZgtsUusZ6PuK72JMpSzefIlMJlG4L0vVjzwWdnlHyyW3iTA8hgjj1q0&t=637874496180000000
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 822204d7b5e456b3004a8bfcc237a11291dd0368b70c7d1031c3185fa9f552be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 May 2022 21:00:18 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: Wed, 14 Jun 2023 10:00:16 GMT
Cache-Control: public
Content-Length: 3308
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 css2
fonts.googleapis.com/ Frame 6E84 26 KB
2 KB 36ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 12:38:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 14 Jun 2022 12:44:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jun 2022 12:44:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 6E84 104 KB
40 KB 42ms
19ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9663759

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25ec9ff403641bdf5e0409df2cbaa6284be658b757f490036580bb3fd037a5d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40918
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Jun 2022 12:44:43 GMT

GET
H/1.1 200
OK avera-logo.png
www.avera.org/imgs/ Frame 6E84 8 KB
8 KB 184ms
117ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/avera-logo.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: eb22874fc8e8d2e5494f421e1b336fd90a6b026cfc539a33b3acfaee33ea2f48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 7774
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK avera-logo-rev-white.png
www.avera.org/imgs/ Frame 6E84 6 KB
6 KB 114ms
114ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/avera-logo-rev-white.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 3b37fea8c665a9de30e8ef27f1fa30d8da8d992f70c499f31847802df520e9c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 6225
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK avera-chart.png
www.avera.org/imgs/ Frame 6E84 6 KB
7 KB 208ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/avera-chart.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 74eb310e1ac770c9f6b97f2b6f88bbe9cd80297cce8f2c01d9dd3975c7fd4297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 6373
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK search-icon2x.png
www.avera.org/imgs/icons/ Frame 6E84 2 KB
2 KB 193ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/search-icon2x.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 972cc181c11ea10492a1cdbdc45d375b47791bd682e31f4fa783a969050075fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "0be5e23eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2084
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ Frame 6E84 23 KB
7 KB 117ms
116ms Script
application/x-javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/WebResource.axd?d=jYr4BoKVcrfRFg4D2UDxHtVjNMwp56ezP2GkmXW49ia4Sqv1UQQFNu40QJ-liMfAwKUTPvfvs0bRzz2tA8ruXgf9vDoZm7611lzjWsP0C181&t=637814437746327080
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Feb 2022 09:42:54 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: application/x-javascript
Expires: Wed, 14 Jun 2023 12:00:55 GMT
Cache-Control: public
Content-Length: 6768
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK client.js Show response
www.avera.org/scripts/ Frame 6E84 42 KB
17 KB 116ms
116ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/client.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: d0371ad375313e56a842adb9e32aa656261dadb033bc6d6e46c0db5695cf6f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Jun 2022 16:58:04 GMT
Server: Microsoft-IIS/8.5
ETag: "0f6fa3feb7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 16704
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ Frame 6E84 4 KB
1 KB 115ms
115ms Script
text/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/WebResource.axd?d=xOX35DcLGnQUQWyGiY1yPWRICwmw97Rz5mvhBxjeimDlkJbQ6UPJ10mO-dBfvKY9WSY3c6Dxgi_lUKjJpgWIr7yYJFjWU7QMv_O1ThF5DA7oUI65MlcUmSo1v7IrDc2G5kkx361X74lvmaeT3M2pqPl-pYNYZ_Ld0skuvebBwR-L_QX7kzOYJGwXzf0IRQTrHfWqi4lYXsuAENE1yS7plQ2&t=637874496180000000
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 63c52ae2db634848f6a6ccd8f6566aa4c66dbeb968743386fa0d0f1fda888be5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 May 2022 21:00:18 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: Wed, 14 Jun 2023 11:01:41 GMT
Cache-Control: public
Content-Length: 1137
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK ScriptResource.axd Show response
www.avera.org/ Frame 6E84 100 KB
36 KB 121ms
120ms Script
application/x-javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/ScriptResource.axd?d=wYUnArtQrNPyvM7wYYZvMGcFuWb0b8YZD_JczWHOCf4UuZLV03v7D4tfOm3isce564hDtb_-Q6O_6cOUra9FC25usqadIzlCK20zlvmVr46qhtRn3cgt57vCzkN6323dPGuVxXrBxMIUw44ClwGUE6xGpsakvlIUkRJRbe6AE_ggG5PF7HZKXZoz7I1BN07i0&t=49337fe8
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Jun 2022 10:00:17 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: application/x-javascript
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 37031
Expires: Wed, 14 Jun 2023 10:00:17 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.avera.org/ Frame 6E84 39 KB
14 KB 119ms
116ms Script
application/x-javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/ScriptResource.axd?d=MQB67sxauURHKIbBby0IauFkaTI8LOX0bxcsg78R-V4AFsUrZJv3SvekcyqbS6K_7DpmRHlZpNwxWjBj2cFBrePbJlSNtJNsVsCnCFMJzG17vN_I5Rs2KKfAD-oVVqYBJhNuJGNu7ysJvZxNBVNBGsqVCmaTGtJqFrfnXTazPKwVLJ71tf8yJl_3lBK-XDwK0&t=49337fe8
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Jun 2022 10:00:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: application/x-javascript
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 14430
Expires: Wed, 14 Jun 2023 10:00:57 GMT

GET
H/1.1 200
OK Homepage-.jpg
www.avera.org/app/files/public/72701/ Frame 6E84 119 KB
119 KB 128ms
127ms Image
image/jpeg 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/72701/Homepage-.jpg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 9728c80f3cf245b8f33e51fe812c822edeefd99466b5cc137f2f760b635a722c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Last-Modified: Wed, 05 Jan 2022 16:07:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="Homepage-.jpg"
Content-Length: 121740
Expires: Tue, 14 Jun 2022 12:49:43 GMT

GET
H/1.1 200
OK covid-icon.svg
www.avera.org/imgs/icons/ Frame 6E84 9 KB
9 KB 120ms
120ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/covid-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 0091a4ca0b923608c0e866806e00f10a339034cfc2a86fe1af294db5ad53e044

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "0be5e23eb7cd81:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 8848
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK billpay-icon.svg
www.avera.org/imgs/icons/ Frame 6E84 5 KB
5 KB 120ms
119ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/billpay-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 5273692f8e093c761495bb61c46b5b3ee8188560cf8e30c9c1e02b403b2dfbbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "0be5e23eb7cd81:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 4772
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK records-icon.svg
www.avera.org/imgs/icons/ Frame 6E84 1 KB
2 KB 121ms
121ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/records-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: e5c86574ce0ab3ef7d02190f46d525dbeb1d98ca33d37282a896204db4de83a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "0be5e23eb7cd81:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1525
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK greeting-icon.svg
www.avera.org/imgs/icons/ Frame 6E84 2 KB
2 KB 119ms
119ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/greeting-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 920405a351a356ef3083c5a7dd6cb2cae6378f2b4eecf4f49cd987a5b825a94d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "0be5e23eb7cd81:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2163
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK prayer-icon.svg
www.avera.org/imgs/icons/ Frame 6E84 2 KB
3 KB 119ms
119ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/prayer-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: a9247adb2c6e62a9d745f5184f0257a050a7ec3862a17c554724b16f9bdfa7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "0be5e23eb7cd81:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2418
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK donate-icon.svg
www.avera.org/imgs/icons/ Frame 6E84 2 KB
2 KB 180ms
119ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/donate-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 1037f44703c0090726e42a788908a7c95e62fb53c85660f9820cb685ec8d4fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "0be5e23eb7cd81:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2215
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK employment-icon.svg
www.avera.org/imgs/icons/ Frame 6E84 4 KB
4 KB 204ms
141ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/employment-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 15e233606ccd7278e5268598b02b25f48052cc15c7c2789d3fa0c7ab09d55f78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "0be5e23eb7cd81:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 4050
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

t-cells-attacking-cancer-cell-illustration.jpg
www.avera.org/app/files/public/82766/ Frame 6E84
Redirect Chain

https://www.avera.org/app/files/public/t-cells-attacking-cancer-cell-illustration.jpg?size=small
https://www.avera.org/app/files/public/82766/t-cells-attacking-cancer-cell-illustration.jpg?size=small

1 KB
2 KB

133ms
132ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/82766/t-cells-attacking-cancer-cell-illustration.jpg?size=small
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 56ae7d99284feddb3c1c729f69c3e3f173d31698005c40645e4957bc5ee3c0cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Thu, 02 Jun 2022 21:21:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="t-cells-attacking-cancer-cell-illustration.jpg"
Content-Length: 1420
Expires: Tue, 14 Jun 2022 12:49:43 GMT

Redirect headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/82766/t-cells-attacking-cancer-cell-illustration.jpg?size=small
Cache-Control: private
Content-Length: 198
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

young-woman-eyes-closed-smiling.jpg
www.avera.org/app/files/public/82767/ Frame 6E84
Redirect Chain

https://www.avera.org/app/files/public/young-woman-eyes-closed-smiling.jpg?size=small
https://www.avera.org/app/files/public/82767/young-woman-eyes-closed-smiling.jpg?size=small

1 KB
2 KB

130ms
130ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/82767/young-woman-eyes-closed-smiling.jpg?size=small
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 6769bfd63ebe0886bda8909f3ed9afd9654d0b41a5fa9c1ce3a8d01249ffd56e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Thu, 02 Jun 2022 21:21:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="young-woman-eyes-closed-smiling.jpg"
Content-Length: 1157
Expires: Tue, 14 Jun 2022 12:49:43 GMT

Redirect headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/82767/young-woman-eyes-closed-smiling.jpg?size=small
Cache-Control: private
Content-Length: 187
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

social-determinants-of-health-illustration.jpg
www.avera.org/app/files/public/82765/ Frame 6E84
Redirect Chain

https://www.avera.org/app/files/public/social-determinants-of-health-illustration.jpg?size=small
https://www.avera.org/app/files/public/82765/social-determinants-of-health-illustration.jpg?size=small

1 KB
2 KB

378ms
378ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/82765/social-determinants-of-health-illustration.jpg?size=small
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 741c2541dad2fd7e0b9821fda6eb974400448b6c08e0b7b42be0ba293a1432ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Thu, 02 Jun 2022 21:21:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="social-determinants-of-health-illustration.jpg"
Content-Length: 1195
Expires: Tue, 14 Jun 2022 12:49:44 GMT

Redirect headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/82765/social-determinants-of-health-illustration.jpg?size=small
Cache-Control: private
Content-Length: 198
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK Behavioral-Health-Addition-Exterior-Photo-Medium.png
www.avera.org/app/files/public/82485/ Frame 6E84 383 KB
384 KB 134ms
134ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/82485/Behavioral-Health-Addition-Exterior-Photo-Medium.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: e725690313a5ae91171a40d35af22a6cd93f0b8ddef0827030287e61d0a71e58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Last-Modified: Sun, 10 Apr 2022 14:33:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/png
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="Behavioral-Health-Addition-Exterior-Photo-Medium.png"
Content-Length: 392454
Expires: Tue, 14 Jun 2022 12:49:43 GMT

GET
H/1.1 200
OK movinghealthforward_tagline_72.png
www.avera.org/app/files/public/82030/ Frame 6E84 3 KB
4 KB 122ms
120ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/82030/movinghealthforward_tagline_72.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: fbb45adf686a7e3e243893989f592071cc556d29f11fd103e95c6139a185ef3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Sun, 09 Jan 2022 16:59:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/png
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="movinghealthforward_tagline_72.png"
Content-Length: 3572
Expires: Tue, 14 Jun 2022 12:49:43 GMT

GET
H/1.1 200
OK facebook-gray.png
www.avera.org/imgs/ahp/ Frame 6E84 797 B
1 KB 115ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/facebook-gray.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: e08a3844d3464092e8466c67bb3da89969df7706325b881ed3c6d1bf7a29e7a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 797
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK twitter-gray.png
www.avera.org/imgs/ahp/ Frame 6E84 2 KB
2 KB 116ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/twitter-gray.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: a4a7cb4442f2edc08428b62c3092862c7cab9f712f7e054669691d013a8daed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2116
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK youtube-gray.png
www.avera.org/imgs/ahp/ Frame 6E84 2 KB
2 KB 116ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/youtube-gray.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 906d7656e5f6956255982fc7595b36c8919d00798c9ea49b8de207a041453df9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1569
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK pinterest-gray.png
www.avera.org/imgs/ahp/ Frame 6E84 2 KB
3 KB 115ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/pinterest-gray.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 2648b41158b86120326e2bf0759966f426956c2d068d8f52ae75c7ca977820dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2338
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK linkedin-gray.png
www.avera.org/imgs/ahp/ Frame 6E84 1 KB
2 KB 115ms
114ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/linkedin-gray.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 2f52b9b171b491ff4c5a5d9c5bc7c668d025b4989951aa37afebbe4ebe61c8ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1265
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK avera-logo-reversed.png
www.avera.org/imgs/ Frame 6E84 5 KB
6 KB 115ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/avera-logo-reversed.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 05abebf463c3a259ccb353c6142886a9d711878bc197d2ca9b0607679817b4db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 5571
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK avera.js Show response
www.avera.org/scripts/ Frame 6E84 101 KB
37 KB 123ms
120ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/avera.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 0d4ad087e1c9d8e93b63ad3a700aa946c68014dc5a9fdc07af24caa88a9a5399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Jun 2022 16:58:04 GMT
Server: Microsoft-IIS/8.5
ETag: "0f6fa3feb7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 37209
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame 6E84 353 KB
114 KB 71ms
21ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Tue, 14 Jun 2022 12:44:43 GMT
x-host: s7.addthis.com
content-length: 116379

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 6E84 334 KB
89 KB 66ms
45ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65094248025c0a27bf036d8a135099105ed0155dd39fb6b44ff3960eed236ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91212
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Jun 2022 12:44:43 GMT

GET
H2 200 siteanalyze_69057.js Show response
siteimproveanalytics.com/js/ Frame 6E84 14 KB
6 KB 195ms
135ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_69057.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b5b48b9621e7af2d0783f2aa0e7a26734476499e6756710794583d864c95b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: SQK7P9GKYAH8F98F
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5127
x-amz-id-2: 1uIbpHZJGJymmk0x75OjExKr0WoTbjxVON3pCos2XnfqYu0l6ALl43AeH+MswjCjOXm1xkDXcoc=
last-modified: Mon, 16 May 2022 09:44:16 GMT
server: cloudflare
etag: "0db568765387ecbf4ebab6b1396d61c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHd9sAIpUZcNKagTba0ePF%2Bw7UknWyHssRFMB4UadkKMYeEwBlDd3kEOtWao8X6EJpQUK%2FoejaIbfLQo9CV3Rz0uQXXMKvNoIO1KfqRikfo2Fu3HBwWb0T9i16PyenjgUW%2FviPNIqY2Ckr2LLYIbjTFvTrDRz1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 71b328b32813103f-MRS

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6E84 15 KB
16 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avera.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 72298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 16:39:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6E84 15 KB
16 KB 29ms
11ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avera.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 14341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 08:45:42 GMT

GET
H2 204 a
www.googletagmanager.com/ Frame 6E84 0
128 B 21ms
19ms Image
image/gif 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-9663759&cv=1&v=3&t=t&pid=1387240363&rv=6d0&es=1&e=gtm.init_consent&eid=-1&tc=1&z=0

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:44:43 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 a
www.googletagmanager.com/ Frame 6E84 0
54 B 31ms
30ms Image
image/gif 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-9663759&cv=1&v=3&t=t&pid=1387240363&rv=6d0&es=1&e=gtm.init&eid=0&tc=1&z=0

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:44:43 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 a
www.googletagmanager.com/ Frame 6E84 0
45 B 31ms
30ms Image
image/gif 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-9663759&cv=1&v=3&t=t&pid=1387240363&rv=6d0&es=1&e=gtm.js&eid=1&tc=1&tr=1rep&ti=1rep&z=0

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:44:43 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 a
www.googletagmanager.com/ Frame 6E84 0
54 B 28ms
26ms Image
image/gif 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-9663759&cv=1&v=3&t=t&pid=1387240363&rv=6d0&es=1&e=gtag.config&eid=3&tc=1&epr=1DC&z=0

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:44:43 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 a
www.googletagmanager.com/ Frame 6E84 0
54 B 36ms
34ms Image
image/gif 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-9663759&cv=1&v=3&t=t&pid=1387240363&rv=6d0&e=gtm.js&eid=1&tc=1&tr=5rep&ti=1rep&z=0

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:44:43 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 6E84 195 KB
70 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6KMB13EQJ9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6e085fd9559f31c1b8a76f7b2c105abc87f71c711afccc27b9b4fde90230740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71365
x-xss-protection: 0
expires: Tue, 14 Jun 2022 12:44:43 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame 6E84 103 KB
40 KB 70ms
25ms Script
application/javascript 2a00:1450:400e:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-MXB48L7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45e0b85a50c3350dba9a13a416c9beb688598bb6131a3b0d57c84a24008021ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40368
x-xss-protection: 0
expires: Tue, 14 Jun 2022 12:44:43 GMT

GET
H2 200 0056.js Show response
script.crazyegg.com/pages/scripts/0031/ Frame 6E84 5 KB
2 KB 79ms
30ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f47f8373044a1e9bf917d06dab02d03b719a81971c64ee94143d712732eb32a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6041
cf-polished: origSize=5359
cf-ray: 71b328b3afb801eb-ZRH
ce-version: 11.1.447
last-modified: Tue, 14 Jun 2022 11:04:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 6E84 39 KB
15 KB 60ms
26ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15069
x-xss-protection: 0
server: cafe
etag: 11223643544955582496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Jun 2022 12:44:43 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 6E84 38 KB
12 KB 62ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e2db6493cc4a606dd658a7859c64d725083e1c463b38005a761bab49d9cf27d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Mon, 13 Jun 2022 22:16:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A38C0FA3CCE94EB6913BC22B03B76292 Ref B: FRAEDGE1519 Ref C: 2022-06-14T12:44:43Z
etag: "80ead641737fd81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 14 Jun 2022 12:44:43 GMT
accept-ranges: bytes
content-length: 11353

GET
H2 200 t.js Show response
30531.tctm.co/ Frame 6E84 52 KB
17 KB 81ms
19ms Script
application/x-javascript 2600:9000:223d:ca00:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://30531.tctm.co/t.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:ca00:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 71c9d942b862df0a8d9eafedbd22f01568abab21dbf2524e64bf853df9f4b2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
content-encoding: gzip
last-modified: Tue, 14 Jun 2022 12:44:43 GMT
server: ctm
x-amz-cf-pop: FRA56-P3
etag: W/62a882bb000077434a43a466-30531
x-cache: Miss from cloudfront
content-type: application/x-javascript
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: iUBbfQ2iA-aW34XZgzl2-L8nsBia2mJ1txtvy3hRea9BYIe4K1M9kw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 6E84 100 KB
27 KB 29ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
URL: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: 40Ehfz19oxzOfViM0JZDrtipaU3/1JXIonvXljFThBRVPw/w/zI4hL4xHDzuFUSqEmRcITaN/WMCwIQDluvbYQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 14 Jun 2022 12:44:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ Frame 6E84 19 KB
6 KB 38ms
6ms Script
application/x-javascript 2600:9000:223c:2c00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
URL: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2c00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 11:56:59 GMT
content-encoding: gzip
last-modified: Tue, 14 Jun 2022 11:56:49 GMT
server: Jetty(9.3.29.v20201019)
age: 2864
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA56-P2
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: N3ZBU9Wsumo2YpI3kqq58xjut-GEBjYnmrroDdLFXvKCQ-3SKEQzNw==
expires: Tue, 14 Jun 2022 12:56:59 GMT

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ Frame 6E84 17 KB
6 KB 122ms
24ms Script
application/javascript 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c1d490146aa71bd2dcdd05b8de13d3ddc1d236c607b8c4634b1ac88792504a4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Tue, 14 Jun 2022 12:44:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 May 2022 08:40:07 GMT
Server: AmazonS3
x-amz-request-id: 4PF1DJKPXB9DT1EP
ETag: "c824d23cb482d5f91002fac1fd870cd7"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=89
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5706
x-amz-id-2: YfXDP2gra5471eshsyRGTNdFLNzHv+eNeo0oHaeWfgYJ3jNfpYNEgv/gx1QMYJPOLJ44trpg3Fg=

GET
H3 200 1565260733747379 Show response
connect.facebook.net/signals/config/ Frame 6E84 290 KB
83 KB 66ms
58ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1565260733747379?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85e34369f66a504a193de0a27343740dbb2834a493422475b0513073107c1188

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: wA8J8mvOjiWpxw+usCnOMMF0L+75G26QXo/qVewRIdEhhlAUGocC14v8JLjO6culEssxuBQ7t68ssGYFSyyDsg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 14 Jun 2022 12:44:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1655210683537
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1060691714/ Frame 6E84 2 KB
2 KB 54ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060691714/?random=1655210683481&cv=9&fst=1655210683481&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6d0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.avera.org%2F&ref=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F&tiba=Avera%20Health&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e64b62e73ee2d9a22714034cda28deafded7cea3c84281658b45cca3a2761a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1068
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 13006411.js Show response
bat.bing.com/p/action/ Frame 6E84 0
137 B 308ms
307ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13006411.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BEDFB2A3F84F4C1CBECAAF185B69CC3C Ref B: FRAEDGE1519 Ref C: 2022-06-14T12:44:43Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 14 Jun 2022 12:44:43 GMT

GET
H/1.1 200
OK ca.html Show response
20770730p.rfihub.com/ Frame 50B8 3 KB
3 KB 139ms
24ms Document
text/html 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20770730p.rfihub.com/ca.html?ver=9&rb=26159&ca=20770730&_o=26159&_t=20770730&pe=https%3A%2F%2Fwww.avera.org%2F&pf=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F&ra=5765524946031049
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 3aeb66ae80ae4c28a6c3af166842e33b6dc873fa99102b2fadeaca6f70eb18b6

Request headers

Referer: https://www.avera.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2670
Content-Type: text/html;charset=utf-8
Date: Tue, 14 Jun 2022 12:44:43 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.3.29.v20201019)

GET
H2 200 0056.json Show response
script.crazyegg.com/pages/data-scripts/0031/ Frame 6E84 15 KB
2 KB 50ms
24ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0031/0056.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 953a013e6fff4195f39c365f2cc051f5f7844be9f7f0852574f692599d1b9be5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6040
ce-version: 11.1.447
content-length: 2073
timing-allow-origin: *
last-modified: Tue, 14 Jun 2022 11:04:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 71b328b40a1f021d-ZRH

GET
H2 200 TKqKSCG_tk4
www.youtube.com/embed/ Frame 509A 0
0 66ms
47ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/TKqKSCG_tk4

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avera.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Tue, 14 Jun 2022 12:44:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/1060691714/ Frame 6E84 42 B
64 B 36ms
20ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1060691714/?random=1655210683481&cv=9&fst=1655208000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6d0&sendb=1&frm=2&url=https%3A%2F%2Fwww.avera.org%2F&ref=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F&tiba=Avera%20Health&async=1&fmt=3&is_vtc=1&random=3644289944&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:44:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1060691714/ Frame 6E84 42 B
548 B 54ms
20ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1060691714/?random=1655210683481&cv=9&fst=1655208000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6d0&sendb=1&frm=2&url=https%3A%2F%2Fwww.avera.org%2F&ref=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F&tiba=Avera%20Health&async=1&fmt=3&is_vtc=1&random=3644289944&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:44:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11.1.447.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ Frame 6E84 86 KB
28 KB 21ms
21ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.447.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9453d5483cba625a40cb6e7f305a6a71291c40d371e597deeb7b4abc09869e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 12:44:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 Jun 2022 15:46:09 GMT
server: cloudflare
age: 85700
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 71b328b4389801eb-ZRH
content-length: 28128

GET
H/1.1 200
OK light-pattern.png
www.avera.org/imgs/ Frame 6E84 2 KB
2 KB 176ms
129ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/light-pattern.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: ed88f9f4ddc6d33339fb4d88e0495ef8d039a1330ac634a8a88d61e0d396606d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:42 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2194
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK facebook.png
www.avera.org/imgs/ahp/ Frame 6E84 2 KB
2 KB 115ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/facebook.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: d22a57fdce0e37e71486440e103a6e67787359e237521103fb4d3b59c2ddac75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2065
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK twitter.png
www.avera.org/imgs/ahp/ Frame 6E84 2 KB
2 KB 115ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/twitter.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 13bfc39df6885545db770f543ca13e47d459bb99159144a788522797e911d2c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2049
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK youtube.png
www.avera.org/imgs/ahp/ Frame 6E84 3 KB
4 KB 115ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/youtube.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 0faef1368fd355cf0d029ec20190be4102c869bc3536849c62c114b39e0c3c1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 3571
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK pinterest.png
www.avera.org/imgs/ahp/ Frame 6E84 2 KB
2 KB 175ms
175ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/pinterest.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 9f0346dbc37bbfff08d3ffbc6ce5a6e7cc76ed0ee3cd65f867fa824fe6ce204b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2270
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK linkedin.png
www.avera.org/imgs/ahp/ Frame 6E84 1 KB
1 KB 115ms
114ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/linkedin.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 51aaaf9813a804fe91f66a5b292942d3c72750d6572e39ccfd7c33aa730ff369

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1225
X-UA-Compatible: IE=Edge,chrome=1

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6E84 15 KB
15 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avera.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 63408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:07:55 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ Frame 6E84 2 KB
1 KB 72ms
16ms Script
application/x-javascript 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=8311
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H3 200 TKqKSCG_tk4 Show response
www.youtube.com/embed/ Frame 34E3 63 KB
26 KB 65ms
51ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/TKqKSCG_tk4

Requested by

Host: www.avera.org
URL: https://www.avera.org/scripts/jquery-1.11.3.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c55728c1f125bcc8e5f67fd6c1aae52d0ba72354ce2777fdc02154bb2bf810e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avera.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Tue, 14 Jun 2022 12:44:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK arrow-up-circle.png
www.avera.org/imgs/ Frame 6E84 1 KB
2 KB 116ms
116ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/arrow-up-circle.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/client.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 309046ca3d1b480cb6e22ded574cccefdc6554cf40aa4fdfaf77d1acbe9f2a13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/client.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Fri, 10 Jun 2022 16:57:14 GMT
Server: Microsoft-IIS/8.5
ETag: "0912d22eb7cd81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1326
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

t-cells-attacking-cancer-cell-illustration.jpg
www.avera.org/app/files/public/82766/ Frame 6E84
Redirect Chain

https://www.avera.org/app/files/public/t-cells-attacking-cancer-cell-illustration.jpg
https://www.avera.org/app/files/public/82766/t-cells-attacking-cancer-cell-illustration.jpg

78 KB
79 KB

130ms
130ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/82766/t-cells-attacking-cancer-cell-illustration.jpg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 6715780f617ccbc4ea36cf01930c6ec44e5672001fbd5e65230728f9e59642e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Thu, 02 Jun 2022 21:21:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="t-cells-attacking-cancer-cell-illustration.jpg"
Content-Length: 80006
Expires: Tue, 14 Jun 2022 12:49:44 GMT

Redirect headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/82766/t-cells-attacking-cancer-cell-illustration.jpg
Cache-Control: private
Content-Length: 187
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

young-woman-eyes-closed-smiling.jpg
www.avera.org/app/files/public/82767/ Frame 6E84
Redirect Chain

https://www.avera.org/app/files/public/young-woman-eyes-closed-smiling.jpg
https://www.avera.org/app/files/public/82767/young-woman-eyes-closed-smiling.jpg

37 KB
38 KB

127ms
127ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/82767/young-woman-eyes-closed-smiling.jpg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 915291c1e4a1496cb1a419a4743489cf1c2c63c9332e20a0cf157502c549afd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Thu, 02 Jun 2022 21:21:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="young-woman-eyes-closed-smiling.jpg"
Content-Length: 38314
Expires: Tue, 14 Jun 2022 12:49:44 GMT

Redirect headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/82767/young-woman-eyes-closed-smiling.jpg
Cache-Control: private
Content-Length: 176
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

social-determinants-of-health-illustration.jpg
www.avera.org/app/files/public/82765/ Frame 6E84
Redirect Chain

https://www.avera.org/app/files/public/social-determinants-of-health-illustration.jpg
https://www.avera.org/app/files/public/82765/social-determinants-of-health-illustration.jpg

45 KB
45 KB

134ms
133ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/82765/social-determinants-of-health-illustration.jpg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: ca61eb8bb3684be6f65a2fcf15e224283be2db96c7aa8f500369b7426887e752

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Last-Modified: Thu, 02 Jun 2022 21:21:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="social-determinants-of-health-illustration.jpg"
Content-Length: 46104
Expires: Tue, 14 Jun 2022 12:49:44 GMT

Redirect headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/82765/social-determinants-of-health-illustration.jpg
Cache-Control: private
Content-Length: 187
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5758661bf07842e6/ Frame 6E84 3 KB
932 B 158ms
149ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5758661bf07842e6/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f8dbefa80306c9e4696dea4b2ee43e5d540482600435980fe4649cce91dd0ea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
content-encoding: gzip
etag: -2140381299--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=16, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 755

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ Frame 6E84 88 B
248 B 210ms
187ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=62a882bb71fddd77&bkl=0&bl=1&pdt=1189&sid=62a882bb71fddd77&pub=ra-5758661bf07842e6&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.avera.org&dr=bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&colc=1655210683690&jsl=1&skipb=1&callback=addthis.cbs.jsonp__2325162452359990
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0bcc387b085219e459f8cdb512c69115edc15bf0e58a406f7c69e23863851f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:44:43 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 88
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame DCDF 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame C761 71 KB
26 KB 13ms
13ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.avera.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Tue, 14 Jun 2022 12:44:43 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 204 0
bat.bing.com/action/ Frame 6E84 0
176 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13006411&tm=gtm002&Ver=2&mid=344913a5-a8b3-4018-85ef-b758fd877abf&sid=c3ce79c0ebdf11ec944e5598263d2a82&vid=c3cea820ebdf11ecb05bb1f23a529262&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Avera%20Health&p=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F&r=&lt=2114&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=261246

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D31D4C7CFFEE4E23B3CB3C17CF842116 Ref B: FRAEDGE1519 Ref C: 2022-06-14T12:44:43Z
date: Tue, 14 Jun 2022 12:44:43 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK image.aspx
69057.global.siteimproveanalytics.io/ Frame 6E84 34 B
620 B 52ms
7ms Image
image/gif 52.57.130.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://69057.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.avera.org%2F&ref=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F&title=Avera%20Health&res=1600x1200&accountid=69057&rt=2120&prev=4597262e-f341-fe94-1113-b8014895a16c&luid=0becccb7-f3ba-dbf9-34eb-ffee8df99082&rnd=17621
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.130.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-130-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Cache-Control: max-age=0, no-cache="set-cookie"
Expires: Tue, 14 Jun 2022 12:44:43 UTC
Connection: keep-alive
Content-Length: 34
Content-Type: image/gif

GET
H3 200 270296221284406 Show response
connect.facebook.net/signals/config/ Frame 6E84 290 KB
83 KB 60ms
60ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/270296221284406?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f65f103c232135435220a7766e60f514a91229c7a1ad270cf00680ff1589a589

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: T5P8gxJNDJ/SXnsjHM+Vsbgx21uuT+PR3xCPgvQltqUCASMTvfbxRN2mZ2f5mLtcUwGmvVTo7/UKDEW7YyAekA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 14 Jun 2022 12:44:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1655210683772
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 6E84 44 B
408 B 30ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1565260733747379&ev=PageView&dl=https%3A%2F%2Fwww.avera.org%2F&rl=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F&if=true&ts=1655210683714&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&it=1655210683475&coo=false&exp=p0&rqm=GET

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 14 Jun 2022 12:44:43 GMT

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ Frame 6E84 124 KB
40 KB 53ms
6ms Script
text/javascript 108.138.17.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
URL: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d266e03af2889d2b1e93df1d976a7e965b7fd696e30aed8ee420a1ccdf5683f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: kkx8cmGgooMGeimwW4In93s6hIJC6Azb
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 21:07:42 GMT
server: AmazonS3
age: 1114
etag: W/"1f44d59b4ca2d82abb2911699e1698a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Tue, 14 Jun 2022 12:26:10 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: enzaXxZjH63iSmSxrcim2ErheSYNM5uXPImvXhPp6bhrVf5zn1ms_w==

GET
H/1.1 200
OK slick.js Show response
www.avera.org/scripts/ Frame 6E84 42 KB
16 KB 116ms
116ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/slick.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/WebResource.axd?d=omLPgGeJNC_y7GFjEXlaQLIldGYw4Oh0081evCARb1Vx57lXLky5915CjeJ3UaW_3OsKvY-dAw-Dv65cngerRr9kzoF3A21xGotcr16GwuOx7j8jCH8necdHDcHhESMzWiNRu0QOoeV8XdkNYcTbHQ2&t=637874496180000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 13db9535837b68ad951f79fc71e9344b71a600d397a1bc0032f005ac260ded16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Jun 2022 16:58:06 GMT
Server: Microsoft-IIS/8.5
ETag: "0232c41eb7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 15758
X-UA-Compatible: IE=Edge,chrome=1

GET
H3 200 TKqKSCG_tk4 Show response
www.youtube.com/embed/ Frame 34E3 63 KB
26 KB 83ms
83ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c8311d7f702eb7f0045f2391ee6af5bf286a4d2cea13be979f08ea1194a31a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avera.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Tue, 14 Jun 2022 12:44:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame 6E84 980 B
513 B 26ms
25ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

73b255c3ef51e28fd9579a5ecfaadab6166ef4a03c5254deae4b3fc5b29ef432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 14 Jun 2022 12:44:43 GMT

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ Frame 6E84 80 B
423 B 137ms
54ms Fetch
application/json 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.avera.org%2F&buyer_pixel_id=4963
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f548ff6ad911d8e6bc52c6c8e7c730e5f99d613cc522d04ed2ee7fb1ca040df6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 12:44:43 GMT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.avera.org
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 80
Expires: Tue, 14 Jun 2022 12:44:43 GMT

GET
H2 200 0056.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0031/ Frame 6E84 856 B
374 B 23ms
22ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0031/0056.json?t=459780
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.447.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 601d21947afcf95d94f4353b09db20c621e3048ae6be129c8fae0b4594d0b805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6040
ce-version: 11.1.447
content-length: 308
timing-allow-origin: *
last-modified: Tue, 14 Jun 2022 11:04:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 71b328b5acfc021d-ZRH

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 50B8
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMDk2NDAzODk3Nw==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEP6ogvh96RFwnongX6BZras&google_cver=1

42 B
1008 B

64ms
17ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEP6ogvh96RFwnongX6BZras&google_cver=1
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:44:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEP6ogvh96RFwnongX6BZras&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 50B8
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5140084920964038977
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084920964038977

43 B
1 KB

14ms
13ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084920964038977

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 12:44:43 GMT
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e5deed41-d1e7-49a7-9e64-51fc150f0ec2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 12:44:43 GMT
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d8063857-66b1-42c8-86fa-b15575f9dd83
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5140084920964038977
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 50B8 0
239 B 66ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5140084920964038977&
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 50B8
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084920964038977&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084920964038977&redir=

42 B
945 B

34ms
34ms

Image
image/gif

52.213.203.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084920964038977&redir=

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

HTTP/1.1

Server

52.213.203.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-203-65.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v034-0378d2c90.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: /of2FhiRQps=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v034-03ecb92bd.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nZCJTM/dQTQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084920964038977&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 50B8
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5140084920964038977&bid=omt9pi0

0
344 B

39ms
6ms

Image
text/plain

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5140084920964038977&bid=omt9pi0
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5140084920964038977&bid=omt9pi0
Date: Tue, 14 Jun 2022 12:44:43 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 50B8 45 B
616 B 136ms
75ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084920964038977

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Tue, 14 Jun 2022 12:44:43 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Tue, 14 Jun 2022 12:44:43 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame 50B8 0
105 B 102ms
5ms Image
text/plain 18.185.225.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.225.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-225-109.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 50B8
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084920964038977&referrer=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=73975b98-4ffd-4687-8267-7d0535295d0a%3A1655210683.9&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D73975b98-4ffd-4687-8267-7d0535295d0a%...
https://idsync.rlcdn.com/501709.gif?partner_uid=73975b98-4ffd-4687-8267-7d0535295d0a%3A1655210683.9
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJVIIP-5g034ERrdcBfAg3g&google_cver=1

42 B
60 B

16ms
15ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJVIIP-5g034ERrdcBfAg3g&google_cver=1
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 12:44:44 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:44:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJVIIP-5g034ERrdcBfAg3g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 50B8 43 B
109 B 458ms
247ms Image
image/gif 18.210.53.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084920964038977
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.53.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-53-250.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:44 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 50B8
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084920964038977&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084920964038977&forward=&C=1

43 B
783 B

28ms
26ms

Image
image/gif

69.192.160.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084920964038977&forward=&C=1
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-245.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 12:44:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 14 Jun 2022 12:44:43 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 12:44:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=57&external_user_id=5140084920964038977&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Tue, 14 Jun 2022 12:44:43 GMT

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 50B8 42 B
448 B 46ms
15ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5140084920964038977
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 12:44:43 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 50B8 43 B
191 B 246ms
171ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084920964038977

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:44:44 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 14 Jun 2022 12:44:44 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 50B8
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084920964038977&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084920964038977&img=1&__user_check__=1&sync_id=c3f8023b-ebdf-11ec-9086-156973b60406

43 B
549 B

15ms
15ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084920964038977&img=1&__user_check__=1&sync_id=c3f8023b-ebdf-11ec-9086-156973b60406
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:44 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 117
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 14 Jun 2022 12:44:43 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=5140084920964038977&img=1&__user_check__=1&sync_id=c3f8023b-ebdf-11ec-9086-156973b60406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 5
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 50B8 43 B
183 B 308ms
99ms Image
image/gif 2600:1f18:612b:4200:89fa:b3ea:e7c5:29d9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5140084920964038977&r=tydBqr1uqfMN
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:89fa:b3ea:e7c5:29d9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:44 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 50B8 43 B
377 B 95ms
27ms Image
image/gif 34.250.36.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084920964038977
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.36.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-36-127.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:44:43 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 50B8 0
338 B 103ms
30ms Image
text/plain 54.171.37.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084920964038977
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.37.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-37-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:44 GMT
cache-control: private, no-cache, no-store
x-request-time: D=49 t=1655210684
x-served-by: beacon-n010-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 50B8
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084920964038977&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084920964038977&expires=30

43 B
495 B

8ms
8ms

Image
image/gif

18.195.192.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084920964038977&expires=30
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 18.195.192.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-192-101.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5140084920964038977&expires=30
Date: Tue, 14 Jun 2022 12:44:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 50B8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YqiCvAAI3G6c7wAo
https://p.rfihub.com/cm?in=1&pub=21653&userid=YqiCvAAI3G6c7wAo&_test=YqiCvAAI3G6c7wAo

42 B
1 KB

17ms
16ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YqiCvAAI3G6c7wAo&_test=YqiCvAAI3G6c7wAo
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:44 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:44:44 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1655210684.157671,VS0,VE0
x-served-by: cache-hhn4044-HHN
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YqiCvAAI3G6c7wAo&_test=YqiCvAAI3G6c7wAo
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ Frame 6E84 19 B
419 B 31ms
6ms XHR
binary/octet-stream 52.222.236.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.447.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 10:11:21 GMT
via: 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 5711603
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 19
x-amz-cf-id: uQkH5aPwUypfe0Pgammzv4dHT_1rAkBjQMb3kOwH48F1OSAsLfIBTQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ Frame 6E84 19 B
419 B 31ms
7ms XHR
binary/octet-stream 18.66.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.447.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 13:24:28 GMT
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 15117616
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-length: 19
x-amz-cf-id: ZrbQ6n1KeTUkR36oFQse6i4oPy1Zs12WyjQ0Yx7zu7JRG00N1TkEAQ==

GET
BLOB 200
OK 83760830-a304-4787-b99d-ceb6bc2e663e
https://www.avera.org/ Frame 6E84 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.avera.org/83760830-a304-4787-b99d-ceb6bc2e663e
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/5dedc3ae/www-widgetapi.vflset/ Frame 6E84 157 KB
51 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5dedc3ae/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84376d6dd797113b16b947118a2e6326e395440ce9d0a3497f335286976bd4ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:14:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52207
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 00:16:53 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Jun 2023 12:14:58 GMT

GET
H3 200 3843099095725111 Show response
connect.facebook.net/signals/config/ Frame 6E84 290 KB
83 KB 77ms
77ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3843099095725111?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f2554fa7ad362b328cf6ba8c60ff7c9f42ec183dab4a162834df981b7c438c1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: YEAsl0gjGUtQ7OL+Oot2IjI+1pMhdD+MRWn7aff7xygE1YczcWh0zWWqGgOYboqG4gomOQFTWGdwWRf7m5EMzg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 14 Jun 2022 12:44:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1655210683927
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 6E84 44 B
91 B 15ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=270296221284406&ev=PageView&dl=https%3A%2F%2Fwww.avera.org%2F&rl=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F&if=true&ts=1655210683853&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&it=1655210683475&coo=false&exp=p0&rqm=GET

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 14 Jun 2022 12:44:43 GMT

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/1842/1248633193/ Frame 6E84 3 KB
1 KB 20ms
19ms Script
text/javascript 108.138.17.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/1842/1248633193/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1e2d5c67db7e75218040da891cefbef4b6f4d7190cbb7233b775daf24c81dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: og8LYy4F7wYsj7xWF5dblQTTolj4Jr4r
content-encoding: gzip
last-modified: Fri, 03 Jun 2022 20:39:58 GMT
server: AmazonS3
age: 2
etag: W/"91458637d9d9d3064f357ca4faab79db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Tue, 14 Jun 2022 12:44:43 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: NpDY7IioNQAzQ6ZHG5eA3wQT9HcCwf8-MYvGXn9MwliRYidxFJyoTQ==

GET
H3 200 www-player.css
www.youtube.com/s/player/5dedc3ae/ Frame 34E3 338 KB
46 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5dedc3ae/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2098ca295100bcbd42b0afa9d20c055f8ebb6bf7a54d9c24667fc821c61f6c7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 15:52:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47526
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 00:16:53 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Jun 2023 15:52:18 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/5dedc3ae/www-embed-player.vflset/ Frame 34E3 304 KB
94 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5dedc3ae/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

964d88f63d07be5bbd7141bcf008bcf6f30a680c88dad961113553eabf0d74cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 15:52:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96070
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 00:16:53 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Jun 2023 15:52:18 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/5dedc3ae/player_ias.vflset/de_DE/ Frame 34E3 2 MB
535 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5dedc3ae/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c582d0d723f60542959a06db25de335ebc3bbd5e344164381c2d96c6a877700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 15:52:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 547475
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 00:16:53 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Jun 2023 15:52:18 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/5dedc3ae/fetch-polyfill.vflset/ Frame 34E3 9 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5dedc3ae/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 15:52:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 00:16:53 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Jun 2023 15:52:18 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ Frame 6E84 263 KB
76 KB 11ms
11ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 14 Jun 2022 12:44:43 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 34E3 15 KB
15 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 589082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Jun 2023 17:06:41 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ Frame 6E84 26 B
133 B 105ms
38ms XHR
text/plain 52.48.114.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1655210683926
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.447.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.114.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-114-92.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: cb596f4c49792da45a6080e83954e10af0c8662f3e4439f6bb8b32ffc8110a28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 14 Jun 2022 12:44:44 GMT
cache-control: no-store
server: awselb/2.0
content-length: 26
content-type: text/plain

GET
H2 200 track
t.teads.tv/ Frame 6E84 23 B
143 B 120ms
57ms Image
image/gif 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=5.5.3_3cac726&buyer_pixel_id=4963&referer=https%3A%2F%2Fwww.avera.org%2F
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:44 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 6E84 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 /
www.facebook.com/tr/ Frame 6E84 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3843099095725111&ev=PageView&dl=https%3A%2F%2Fwww.avera.org%2F&rl=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F&if=true&ts=1655210684012&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&it=1655210683475&coo=false&exp=p0&rqm=GET

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 14 Jun 2022 12:44:44 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 34E3 113 B
159 B 29ms
14ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5dedc3ae/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee11c18741b15b0f13f881dd16c85d0e6e8775940f7280bfc72b8b5593172698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 34E3 29 B
588 B 28ms
6ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5dedc3ae/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:40:21 GMT
x-content-type-options: nosniff
age: 263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 14 Jun 2022 12:55:21 GMT

GET
BLOB 200
OK 02547237-6597-4bde-b895-e51ad40bde43
https://www.avera.org/ Frame 6E84 218 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.avera.org/02547237-6597-4bde-b895-e51ad40bde43
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abf119d2157d5e01b79460c2361595082d232561567728ef497f94607b7d97b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Length: 218
Content-Type: text/javascript

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 36ms
14ms Preflight
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 14 Jun 2022 12:44:44 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 34E3 62 KB
29 KB 38ms
24ms XHR
application/json+protobuf 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5dedc3ae/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91df50847133347137e73b00ac64766702bd4ece0c80568d0ed2d9902f68f692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 14 Jun 2022 12:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 29389
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/5dedc3ae/player_ias.vflset/de_DE/ Frame 34E3 119 KB
37 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5dedc3ae/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5dedc3ae/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0612095ddd80e825e9ef13a84336ce9b5ae03031491ebdc1051d8a09a402da56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 15:52:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37791
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 00:16:53 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Jun 2023 15:52:19 GMT

GET
H3 200 mrc_WD23Y3_ztETCTZRlmxjTHkWmo2OisD4IA6iKhQo.js Show response
www.google.com/js/th/ Frame 34E3 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/mrc_WD23Y3_ztETCTZRlmxjTHkWmo2OisD4IA6iKhQo.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5dedc3ae/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ab73f583db7637ff3b444c24d94659b18d31e45a6a363a2b03e0803a88a850a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13503
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Jun 2023 12:16:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/5dedc3ae/player_ias.vflset/de_DE/ Frame 34E3 27 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5dedc3ae/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5dedc3ae/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e56241f200adcd2f8bfdc9057a17ec1eee65028b8806c4bfe2d67dc37331d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 15:52:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8101
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 00:16:53 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Jun 2023 15:52:19 GMT

GET
DATA 200
OK truncated
/ Frame 34E3 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQU33RytyziQUNEP8ULz_yZlOjzDeAcWiFcADe4iQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 34E3 3 KB
3 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQU33RytyziQUNEP8ULz_yZlOjzDeAcWiFcADe4iQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

448d891b4a6cb2482684807968e24f0afb57c09926fd59f4aac565bb2bc299e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 11:54:34 GMT
x-content-type-options: nosniff
age: 3010
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2727
x-xss-protection: 0
server: fife
etag: "v85"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 14 Jun 2022 16:37:01 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/TKqKSCG_tk4/ Frame 34E3 37 KB
37 KB 49ms
22ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/TKqKSCG_tk4/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f056fde2cca436b7198ce1d2488f31abf0975c8992a090cb2191780a40d28f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:44 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37746
x-xss-protection: 0
server: sffe
etag: "1640012890"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Jun 2022 14:44:44 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 34E3 4 KB
3 KB 46ms
24ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5dedc3ae/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 12:44:44 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 34E3 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?dxy7qw
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/102/ Frame 34E3 52 KB
15 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/102/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15092
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 15:13:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 15 Jun 2022 12:16:01 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 34E3 98 B
142 B 19ms
19ms XHR
application/json+protobuf 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5dedc3ae/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

692efee6cab6468cd91fc96c6e1a94dac81e829ab9c7ea87634ced92df278840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 14 Jun 2022 12:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 14 Jun 2022 12:44:44 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ Frame 6E84 5 KB
2 KB 366ms
101ms Script
application/javascript 3.92.120.28

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
URL: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.92.120.28 -, , ASN (),
Reverse DNS
Software: PardotServer /
Resource Hash: 3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:44 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Mon, 13 Jun 2022 05:18:57 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1946
expires: Thu, 13 Jun 2024 12:44:44 GMT

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ Frame 6E84 72 B
510 B 125ms
124ms Script
text/html 3.92.120.28

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=12820&account_id=564662&title=Avera%20Health&url=https%3A%2F%2Fwww.avera.org%2F&referrer=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.92.120.28 -, , ASN (),
Reverse DNS
Software: PardotServer /
Resource Hash: d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 12:44:45 GMT
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
Server: PardotServer
vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
cache-control: max-age=63072000
Connection: keep-alive
Content-Length: 89
expires: Thu, 13 Jun 2024 12:44:45 GMT

GET
H3 204 a
www.googletagmanager.com/ Frame 6E84 0
17 B 21ms
21ms Image
image/gif 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=DC-9663759&cv=1&v=3&t=t&pid=1387240363&rv=6d0&es=1&e=gtm.load&eid=12&u=C&tc=1&epr=2DC.1G.3G&cl=g.20.11&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:44:45 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 6E84 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1565260733747379&ev=Microdata&dl=https%3A%2F%2Fwww.avera.org%2F&rl=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F&if=true&ts=1655210685287&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtAvera%20Health%5Cn%22%2C%22meta%3Adescription%22%3A%22Choose%20Avera%20for%20hospital%20and%20primary%20care%2C%20specialty%20clinics%20and%20senior%20living%2C%20with%20locations%20in%20South%20Dakota%2C%20Minnesota%2C%20Iowa%2C%20Nebraska%20and%20North%20Dakota.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&it=1655210683475&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 14 Jun 2022 12:44:45 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 6E84 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=270296221284406&ev=Microdata&dl=https%3A%2F%2Fwww.avera.org%2F&rl=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F&if=true&ts=1655210685356&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtAvera%20Health%5Cn%22%2C%22meta%3Adescription%22%3A%22Choose%20Avera%20for%20hospital%20and%20primary%20care%2C%20specialty%20clinics%20and%20senior%20living%2C%20with%20locations%20in%20South%20Dakota%2C%20Minnesota%2C%20Iowa%2C%20Nebraska%20and%20North%20Dakota.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&it=1655210683475&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 14 Jun 2022 12:44:45 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 6E84 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3843099095725111&ev=Microdata&dl=https%3A%2F%2Fwww.avera.org%2F&rl=https%3A%2F%2Fbafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link%2F&if=true&ts=1655210685513&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtAvera%20Health%5Cn%22%2C%22meta%3Adescription%22%3A%22Choose%20Avera%20for%20hospital%20and%20primary%20care%2C%20specialty%20clinics%20and%20senior%20living%2C%20with%20locations%20in%20South%20Dakota%2C%20Minnesota%2C%20Iowa%2C%20Nebraska%20and%20North%20Dakota.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&it=1655210683475&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:44:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 14 Jun 2022 12:44:45 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.avera.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: uwpe3ucmyryaljd4yron0qwd
www.avera.org/	1970-01-20 12:32:26	Name: mobileview Value: web
.bing.com/	1970-01-20 13:08:26	Name: MUID Value: 34CFCD3E186D6D082316DCFD19066C31
30531.tctm.co/	1969-12-31 23:59:59	Name: ct30531 Value: 62a882bb000077434a43a466
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 9KJBQViAfE0
.youtube.com/	1970-01-20 08:06:02	Name: VISITOR_INFO1_LIVE Value: _YsXVYA1KX4
.rfihub.com/	1970-01-20 13:08:26	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MTCwMLE0MrA0MzEwtrA0NxfiM9RNLXDKjPcxN0hKj68CAOLI5RUlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MTCwMLE0MrA0MzEwtrA0NxfiM9RNLXDKjPcxN0hKj68CAOLI5RUlAAAA
.facebook.com/	1970-01-20 05:56:26	Name: fr Value: 0YSHuu7x288v2mlY7..BiqIK7...1.0.BiqIK7.
69057.global.siteimproveanalytics.io/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 1BF185CB12C799AC7E8F30E4356ECAB670474BBE58234E1749C0C8D9A92211750FA6F721F8D94C802FC0ABEC312B9A2BE95F42025942029CF1A24ECE2DEC01625DB7FC442F
.addthis.com/	1970-01-20 13:15:38	Name: uvc Value: 1%7C24
.avera.org/	1969-12-31 23:59:59	Name: cebs Value: 1
.adnxs.com/	1970-01-20 05:56:26	Name: uuid2 Value: 4934401788901320520
.doubleclick.net/	1970-01-20 13:08:26	Name: IDE Value: AHWqTUmK7pwwjueJhbVMOYL3xkj8zihtOvYsyBJiDF6jI9zvErpAT9OqBROLQwnyr0s
.casalemedia.com/	1970-01-20 12:32:26	Name: CMID Value: YqiCuzctHigVK0lwjQvo-AAA
.casalemedia.com/	1970-01-20 05:56:26	Name: CMPS Value: 5203
.casalemedia.com/	1970-01-20 05:56:26	Name: CMPRO Value: 5203
.adnxs.com/	1970-01-20 05:56:26	Name: anj Value: dTM7k!M4/YErk#WF']wIg2ImTqh>Sx!@wnfH8KAM.xpH^Gmi[rCxrHTFp4YhEs$1fD?3Y6^j/(-@(T(?!2>h9/+0J2!'[]72LBgR
.eyeota.net/	1970-01-20 03:46:51	Name: SERVERID Value: 21398~DM
.media.net/	1970-01-20 12:32:26	Name: visitor-id Value: 2982122838884180000V10
.media.net/	1970-01-20 12:31:00	Name: data-rk Value: 5140084920964038977~~3
.demdex.net/	1970-01-20 08:06:02	Name: demdex Value: 76581546772406111902997040151254763178
.addthis.com/	1970-01-20 13:15:38	Name: loc Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==
.spotxchange.com/	1970-01-20 12:32:30	Name: audience Value: c3f800af-ebdf-11ec-9086-156973b60406
.rezync.com/	1970-01-20 08:05:37	Name: zync-uuid Value: 73975b98-4ffd-4687-8267-7d0535295d0a:1655210683.9
live.rezync.com/	1970-01-20 08:06:02	Name: sd-session-id Value: .eJwVyk0LgjAYAOC_Eu_Zw5yaH-ChMrq0dwirgxcpG7aZFm4SKv737PjAM0P5kX1762RnIbH9IB2oXmqVgWQGo6ZWNpBA4PqERH5MSbz1iRfFYQiLA0Yao95dqR7_vbmvEycW4HRVXNQWT0VbHAhBXXtnUY-oK4s0_6JgLtONW2T7J9dHiuIyMrGjPGMDz9MUluUHrZYwdA.FYoUOw.JXbcsytKCFLuuDPQRiOp4uPjTpg
.dpm.demdex.net/	1970-01-20 08:06:02	Name: dpm Value: 76581546772406111902997040151254763178
.bidswitch.net/	1970-01-20 12:32:26	Name: tuuid Value: f2d64dde-2df4-4f60-8637-d8ceb083fff6
.bidswitch.net/	1970-01-20 12:32:26	Name: c Value: 1655210684
.bidswitch.net/	1970-01-20 12:32:26	Name: tuuid_lu Value: 1655210684
.krxd.net/	1970-01-20 08:06:02	Name: _kuid_ Value: O5dQAeBg
.avera.org/	1969-12-31 23:59:59	Name: cebsp Value: 1
.avera.org/	1970-01-20 12:32:26	Name: _ce.s Value: v~fb4af2d782745603a4888cb596da3b1dd4e85c0b~vpv~0~v11.rlc~1655210684057
.rlcdn.com/	1970-01-20 12:32:26	Name: rlas3 Value: criKJ+d1AeAtNe8XRRFDC3mwhx2mQ114Rkksp/IcaOU=
.rlcdn.com/	1970-01-20 05:13:14	Name: pxrc Value: CLyFopUGEgYIuuoBEAA=
.everesttech.net/	1970-01-20 12:32:26	Name: everest_g_v2 Value: g_surferid~YqiCvAAI3G6c7wAo
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA12DTDLTy_LsDQLcivPy89LjzBziipKLF7FKBBZmOlc5ujoaexulmxe7pjfxGJobmxpbppkaaFrkpaWomtiZmGua2FkZq5rnmJgamxqZGmaYpBoZWhmampkaGBmYaxnCQCe95oTZQAAAA
.rfihub.com/	1970-01-20 13:08:26	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA12DTDLTy_LsDQLcivPy89LjzBziipKLA7iNTQzNTUyNDCzMLY0spzFiMQ3MzJYhcY_hcZ_hcb_hcafxITKn4XGX4TGX4XG34TG34WungWVfwuZb2FmsIhVILIw07nM0dHT2N0s2bzcMX8VK0KJiaGF2SZWNCu40byExp8kbGhubGlummRpoWuSlpaia2JmYa5rYWRmrmueYmBqbGpkaZpikGiF0KRnOUsYyU4DU9NFwqhmPkLjAwA7z_nvtAEAAA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/images/favicons Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link/js/jquery-1.11.1.min.js.download Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20770730p.rfihub.com
30531.tctm.co
69057.global.siteimproveanalytics.io
a.rfihub.com
aa.agkn.com
ajax.googleapis.com
assets-tracking.crazyegg.com
bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.teads.tv
code.jquery.com
connect.facebook.net
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
idsync.rlcdn.com
jnn-pa.googleapis.com
live.rezync.com
m.addthis.com
maxcdn.bootstrapcdn.com
p.rfihub.com
p.teads.tv
pagestates-tracking.crazyegg.com
partners.tremorhub.com
pi.pardot.com
pixel.rubiconproject.com
ps.eyeota.net
s7.addthis.com
script.crazyegg.com
siteimproveanalytics.com
solutions.invocacdn.com
stackpath.bootstrapcdn.com
static.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
t.teads.tv
t3.gstatic.com
tracking.crazyegg.com
u27095954.ct.sendgrid.net
v1.addthisedge.com
www.avera.org
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.pngitem.com
www.youtube.com
x.bidswitch.net
x.dlx.addthis.com
yt3.ggpht.com
z.moatads.com
s7.addthis.com
104.111.215.191
104.111.242.245
104.75.88.126
108.138.17.27
108.138.17.80
142.250.181.226
142.250.185.98
151.101.194.49
167.89.123.122
173.208.219.12
18.185.225.109
18.195.192.101
18.210.53.250
18.66.122.74
185.33.221.90
185.94.180.126
193.0.160.129
2.18.235.93
2001:4de0:ac18::1:a:3b
23.35.229.56
2600:1f18:612b:4200:89fa:b3ea:e7c5:29d9
2600:9000:223c:2c00:1:76cf:fe80:93a1
2600:9000:223d:ca00:12:de4a:40:93a1
2602:fea2:2::1
2606:4700::6811:190e
2606:4700::6812:acf
2606:4700::6812:bcf
2606:4700::6813:9408
2620:1ec:c11::200
2a00:1450:4001:803::2004
2a00:1450:4001:808::2003
2a00:1450:4001:809::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2008
2a00:1450:4001:812::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a00:1450:4001:831::2006
2a00:1450:400e:803::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::3
3.124.210.90
3.92.120.28
34.250.36.127
35.244.174.68
52.162.218.125
52.213.203.65
52.222.236.129
52.48.114.92
52.57.130.8
54.171.37.193
69.173.144.138
69.192.160.245
69.192.161.152
0091a4ca0b923608c0e866806e00f10a339034cfc2a86fe1af294db5ad53e044
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05abebf463c3a259ccb353c6142886a9d711878bc197d2ca9b0607679817b4db
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0612095ddd80e825e9ef13a84336ce9b5ae03031491ebdc1051d8a09a402da56
0bcc387b085219e459f8cdb512c69115edc15bf0e58a406f7c69e23863851f26
0d4ad087e1c9d8e93b63ad3a700aa946c68014dc5a9fdc07af24caa88a9a5399
0faef1368fd355cf0d029ec20190be4102c869bc3536849c62c114b39e0c3c1e
1037f44703c0090726e42a788908a7c95e62fb53c85660f9820cb685ec8d4fef
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13bfc39df6885545db770f543ca13e47d459bb99159144a788522797e911d2c0
13db9535837b68ad951f79fc71e9344b71a600d397a1bc0032f005ac260ded16
15e233606ccd7278e5268598b02b25f48052cc15c7c2789d3fa0c7ab09d55f78
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2098ca295100bcbd42b0afa9d20c055f8ebb6bf7a54d9c24667fc821c61f6c7c
2172033cc841f94e32ca4412cd380e43d873a9e74e54aee03f0d26ed72d20be5
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
25ec9ff403641bdf5e0409df2cbaa6284be658b757f490036580bb3fd037a5d1
2648b41158b86120326e2bf0759966f426956c2d068d8f52ae75c7ca977820dc
2f47f8373044a1e9bf917d06dab02d03b719a81971c64ee94143d712732eb32a
2f52b9b171b491ff4c5a5d9c5bc7c668d025b4989951aa37afebbe4ebe61c8ad
309046ca3d1b480cb6e22ded574cccefdc6554cf40aa4fdfaf77d1acbe9f2a13
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3aeb66ae80ae4c28a6c3af166842e33b6dc873fa99102b2fadeaca6f70eb18b6
3b37fea8c665a9de30e8ef27f1fa30d8da8d992f70c499f31847802df520e9c1
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e64b62e73ee2d9a22714034cda28deafded7cea3c84281658b45cca3a2761a6
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
42171d76548498998da88f032aba50a028b9481fd7004a9a3b5d3b8d98fe48a2
448d891b4a6cb2482684807968e24f0afb57c09926fd59f4aac565bb2bc299e5
45e0b85a50c3350dba9a13a416c9beb688598bb6131a3b0d57c84a24008021ee
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8311d7f702eb7f0045f2391ee6af5bf286a4d2cea13be979f08ea1194a31a3
51aaaf9813a804fe91f66a5b292942d3c72750d6572e39ccfd7c33aa730ff369
5273692f8e093c761495bb61c46b5b3ee8188560cf8e30c9c1e02b403b2dfbbe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56ae7d99284feddb3c1c729f69c3e3f173d31698005c40645e4957bc5ee3c0cd
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
578254b8c8e53db6ffe80754d29a9db454d8818885ac826b11e9b95389618b5b
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5bd1509337ed0340671fe3a20fd38f2bb22718239f709014cdf99f251bd7808c
601d21947afcf95d94f4353b09db20c621e3048ae6be129c8fae0b4594d0b805
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
63c52ae2db634848f6a6ccd8f6566aa4c66dbeb968743386fa0d0f1fda888be5
65094248025c0a27bf036d8a135099105ed0155dd39fb6b44ff3960eed236ce1
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
6715780f617ccbc4ea36cf01930c6ec44e5672001fbd5e65230728f9e59642e6
6769bfd63ebe0886bda8909f3ed9afd9654d0b41a5fa9c1ce3a8d01249ffd56e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67f31bf65c22382c6fad74dd5d556deaf4e108f270ac95f87d89df69c8ed1a12
692efee6cab6468cd91fc96c6e1a94dac81e829ab9c7ea87634ced92df278840
6c55728c1f125bcc8e5f67fd6c1aae52d0ba72354ce2777fdc02154bb2bf810e
6e56241f200adcd2f8bfdc9057a17ec1eee65028b8806c4bfe2d67dc37331d99
70b5b48b9621e7af2d0783f2aa0e7a26734476499e6756710794583d864c95b2
71c9d942b862df0a8d9eafedbd22f01568abab21dbf2524e64bf853df9f4b2a4
73b255c3ef51e28fd9579a5ecfaadab6166ef4a03c5254deae4b3fc5b29ef432
741c2541dad2fd7e0b9821fda6eb974400448b6c08e0b7b42be0ba293a1432ff
74eb310e1ac770c9f6b97f2b6f88bbe9cd80297cce8f2c01d9dd3975c7fd4297
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7c582d0d723f60542959a06db25de335ebc3bbd5e344164381c2d96c6a877700
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
822204d7b5e456b3004a8bfcc237a11291dd0368b70c7d1031c3185fa9f552be
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
84376d6dd797113b16b947118a2e6326e395440ce9d0a3497f335286976bd4ab
85e34369f66a504a193de0a27343740dbb2834a493422475b0513073107c1188
8b7a865fabf2357352518bb072b270ba3568a87afc6ebb6c103ac891828b2f39
8d266e03af2889d2b1e93df1d976a7e965b7fd696e30aed8ee420a1ccdf5683f
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
906d7656e5f6956255982fc7595b36c8919d00798c9ea49b8de207a041453df9
915291c1e4a1496cb1a419a4743489cf1c2c63c9332e20a0cf157502c549afd4
91df50847133347137e73b00ac64766702bd4ece0c80568d0ed2d9902f68f692
920405a351a356ef3083c5a7dd6cb2cae6378f2b4eecf4f49cd987a5b825a94d
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
953a013e6fff4195f39c365f2cc051f5f7844be9f7f0852574f692599d1b9be5
95a24402108bec4d1b360a52e00004f522d96ee204e384bcfe834c8dceb03c8e
964d88f63d07be5bbd7141bcf008bcf6f30a680c88dad961113553eabf0d74cf
9728c80f3cf245b8f33e51fe812c822edeefd99466b5cc137f2f760b635a722c
972cc181c11ea10492a1cdbdc45d375b47791bd682e31f4fa783a969050075fc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ab73f583db7637ff3b444c24d94659b18d31e45a6a363a2b03e0803a88a850a
9f0346dbc37bbfff08d3ffbc6ce5a6e7cc76ed0ee3cd65f867fa824fe6ce204b
9f2554fa7ad362b328cf6ba8c60ff7c9f42ec183dab4a162834df981b7c438c1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1e2d5c67db7e75218040da891cefbef4b6f4d7190cbb7233b775daf24c81dd4
a4a7cb4442f2edc08428b62c3092862c7cab9f712f7e054669691d013a8daed3
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a9247adb2c6e62a9d745f5184f0257a050a7ec3862a17c554724b16f9bdfa7e3
a9453d5483cba625a40cb6e7f305a6a71291c40d371e597deeb7b4abc09869e5
abe2cac72ed872f31e123a48df71a53174cc36dbefc4164e526e456d1482f159
abf119d2157d5e01b79460c2361595082d232561567728ef497f94607b7d97b7
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5235e4801e655e7d25a202bae251753fc2a4b24e196d35c8f3c03bbd4f1df79
c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6
c1d490146aa71bd2dcdd05b8de13d3ddc1d236c607b8c4634b1ac88792504a4d
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c933b53cece56ce24891abe3a2e0cdc4716feb52a662fcc5718f189b5461ff27
ca61eb8bb3684be6f65a2fcf15e224283be2db96c7aa8f500369b7426887e752
cb596f4c49792da45a6080e83954e10af0c8662f3e4439f6bb8b32ffc8110a28
cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204
d0371ad375313e56a842adb9e32aa656261dadb033bc6d6e46c0db5695cf6f98
d22a57fdce0e37e71486440e103a6e67787359e237521103fb4d3b59c2ddac75
d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1
d6e085fd9559f31c1b8a76f7b2c105abc87f71c711afccc27b9b4fde90230740
d8c773f8d049754f9432e8c9a2caaae56a656bb3f0eb1a52e98382aff545ee8a
e08a3844d3464092e8466c67bb3da89969df7706325b881ed3c6d1bf7a29e7a8
e2db6493cc4a606dd658a7859c64d725083e1c463b38005a761bab49d9cf27d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c86574ce0ab3ef7d02190f46d525dbeb1d98ca33d37282a896204db4de83a1
e725690313a5ae91171a40d35af22a6cd93f0b8ddef0827030287e61d0a71e58
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eb22874fc8e8d2e5494f421e1b336fd90a6b026cfc539a33b3acfaee33ea2f48
ed88f9f4ddc6d33339fb4d88e0495ef8d039a1330ac634a8a88d61e0d396606d
ee11c18741b15b0f13f881dd16c85d0e6e8775940f7280bfc72b8b5593172698
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f056fde2cca436b7198ce1d2488f31abf0975c8992a090cb2191780a40d28f4d
f3164bf8bcf72bfb5d57247b424d008ff562c630244d32407cb6253c82f7af8a
f548ff6ad911d8e6bc52c6c8e7c730e5f99d613cc522d04ed2ee7fb1ca040df6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65f103c232135435220a7766e60f514a91229c7a1ad270cf00680ff1589a589
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71c83b780b0c98b06edf84b7c4f1dd190b8ee819b2cedb0cf6f37e184f697b4
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8dbefa80306c9e4696dea4b2ee43e5d540482600435980fe4649cce91dd0ea6
fbb45adf686a7e3e243893989f592071cc556d29f11fd103e95c6139a185ef3e

bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link Open in urlscan Pro 2602:fea2:2::1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

160 Requests

88 %HTTPS

47 %IPv6

49 Domains

65 Subdomains

57 IPs

4 Countries

3165 kBTransfer

8230 kBSize

38 Cookies

0 Outgoing links

Page URL History

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bafybeiduqfwccprz7huvhc2elcddkbzj2gflllghb6rgt4tnm6mm4badzm.ipfs.dweb.link Open in urlscan Pro
2602:fea2:2::1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

88 %
HTTPS

47 %
IPv6

49
Domains

65
Subdomains

57
IPs

4
Countries

3165 kB
Transfer

8230 kB
Size

38
Cookies

160 HTTP transactions
4 data transactions