markrousso.ewmre.net Open in urlscan Pro
204.232.141.225 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://markrousso.ewmre.net/
Submission: On September 18 via automatic, source certstream-suspicious (September 18th 2024, 11:16:02 am UTC) — Scanned from DE

Summary HTTP 124 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 41 IPs in 6 countries across 39 domains to perform 124 HTTP transactions. The main IP is 204.232.141.225, located in United States and belongs to RACKSPACE, US. The main domain is markrousso.ewmre.net.
TLS certificate: Issued by E5 on September 17th 2024. Valid for: 3 months.

This is the only time markrousso.ewmre.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	204.232.141.225 204.232.141.225	27357 (RACKSPACE) (RACKSPACE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
8 41	2a04:4e42:400... 2a04:4e42:400::591	54113 (FASTLY) (FASTLY)
1 4	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
8	54.231.194.177 54.231.194.177	16509 (AMAZON-02) (AMAZON-02)
2	204.232.141.226 204.232.141.226	27357 (RACKSPACE) (RACKSPACE)
2	2600:9000:272... 2600:9000:2724:a00:a:6937:9340:93a1	16509 (AMAZON-02) (AMAZON-02)
3	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
3	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:1e0... 2400:52e0:1e00::1082:1	60068 (CDN77 _) (CDN77 _)
4	2600:9000:223... 2600:9000:223d:cc00:11:93bc:4f40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
3	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
20 22	35.194.66.159 35.194.66.159	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:211... 2600:9000:211e:b400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4280:1aa0:e7ab:14da:3634	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.121.124.19 3.121.124.19	16509 (AMAZON-02) (AMAZON-02)
1 1	18.193.63.175 18.193.63.175	16509 (AMAZON-02) (AMAZON-02)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2607:ae80:192... 2607:ae80:192:1::176	26558 (FREEWHEEL) (FREEWHEEL)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	52.44.245.245 52.44.245.245	14618 (AMAZON-AES) (AMAZON-AES)
1	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.211.71.211 52.211.71.211	16509 (AMAZON-02) (AMAZON-02)
1	63.34.208.184 63.34.208.184	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1 2	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
124	41

11 204.232.141.225 (United States)

ASN27357 (RACKSPACE, US)

markrousso.ewmre.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ewmre.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flagshipapi.boomtownroi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wp.prod.boomtownroi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a04:4e42:400::591 (United States) 8 redirects

ASN54113 (FASTLY, US)

bt-wpstatic.freetls.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.196 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.231.194.177 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

boomtown-production-consumer-backup.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.232.141.226 (United States)

ASN27357 (RACKSPACE, US)

static.boomtownroi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
suggest.boomtownroi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2724:a00:a:6937:9340:93a1 (United States)

ASN16509 (AMAZON-02, US)

pages.liveby.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1082:1 (Germany)

ASN60068 (CDN77 _, GB)

cdn.usefathom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223d:cc00:11:93bc:4f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.liveby.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 35.194.66.159 (Washington, United States) 20 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:b400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:1aa0:e7ab:14da:3634 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.124.19 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-124-19.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.63.175 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-63-175.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:192:1::176 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.245.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-245-245.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.71.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-71-211.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.208.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-208-184.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.90 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	fastly.net 8 redirects bt-wpstatic.freetls.fastly.net — Cisco Umbrella Rank: 203459	910 KB
25	simpli.fi 20 redirects tag.simpli.fi — Cisco Umbrella Rank: 4944 i.simpli.fi — Cisco Umbrella Rank: 4294 um.simpli.fi — Cisco Umbrella Rank: 934	16 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	917 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33 region1.google-analytics.com — Cisco Umbrella Rank: 3310	87 KB
8	amazonaws.com boomtown-production-consumer-backup.s3.amazonaws.com — Cisco Umbrella Rank: 284972	5 MB
8	ewmre.net markrousso.ewmre.net www.ewmre.net	111 KB
6	liveby.com pages.liveby.com — Cisco Umbrella Rank: 227188 api.liveby.com — Cisco Umbrella Rank: 225508	26 KB
5	boomtownroi.com static.boomtownroi.com — Cisco Umbrella Rank: 303562 flagshipapi.boomtownroi.com — Cisco Umbrella Rank: 246128 wp.prod.boomtownroi.com — Cisco Umbrella Rank: 503587 suggest.boomtownroi.com — Cisco Umbrella Rank: 348633	35 KB
5	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 130 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 284	18 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	4 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	991 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 178	76 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 245	979 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 270	2 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 2052	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 476	140 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2630	882 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 544 d.agkn.com — Cisco Umbrella Rank: 777	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 467	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 509	730 B
2	usefathom.com cdn.usefathom.com — Cisco Umbrella Rank: 18833	3 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 621	31 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 526	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 414	239 B
1	google.de www.google.de — Cisco Umbrella Rank: 10137	64 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 91	23 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 943	223 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 989	265 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1278	443 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1589	421 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 503	126 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 597	655 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 881	225 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6782	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 424	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1217	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 676	237 B
1	gstatic.com www.gstatic.com	215 KB
0	intentiq.com Failed sync.intentiq.com Failed
124	39

	Domain	Requested by
41	bt-wpstatic.freetls.fastly.net	8 redirects markrousso.ewmre.net bt-wpstatic.freetls.fastly.net
22	um.simpli.fi	20 redirects markrousso.ewmre.net
10	www.googletagmanager.com	markrousso.ewmre.net
8	boomtown-production-consumer-backup.s3.amazonaws.com	markrousso.ewmre.net
5	www.ewmre.net	markrousso.ewmre.net
5	www.google-analytics.com	markrousso.ewmre.net
4	www.facebook.com	markrousso.ewmre.net
4	region1.google-analytics.com	markrousso.ewmre.net
4	api.liveby.com	markrousso.ewmre.net
4	www.google.com	1 redirects markrousso.ewmre.net
3	connect.facebook.net	markrousso.ewmre.net
3	stats.g.doubleclick.net	markrousso.ewmre.net
3	markrousso.ewmre.net	markrousso.ewmre.net
2	bam.nr-data.net	markrousso.ewmre.net
2	ib.adnxs.com	1 redirects markrousso.ewmre.net
2	loadm.exelator.com	1 redirects markrousso.ewmre.net
2	idsync.rlcdn.com	markrousso.ewmre.net
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects markrousso.ewmre.net
2	sync.1rx.io	2 redirects
2	wp.prod.boomtownroi.com	markrousso.ewmre.net
2	cdn.usefathom.com	markrousso.ewmre.net
2	tag.simpli.fi	markrousso.ewmre.net
2	pages.liveby.com	markrousso.ewmre.net
1	js-agent.newrelic.com	markrousso.ewmre.net
1	suggest.boomtownroi.com	markrousso.ewmre.net
1	cm.g.doubleclick.net	markrousso.ewmre.net
1	us-u.openx.net	markrousso.ewmre.net
1	pixel.rubiconproject.com	markrousso.ewmre.net
1	www.google.de	markrousso.ewmre.net
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	ce.lijit.com	markrousso.ewmre.net
1	bcp.crwdcntrl.net	markrousso.ewmre.net
1	stags.bluekai.com	markrousso.ewmre.net
1	sync.bfmio.com	markrousso.ewmre.net
1	ups.analytics.yahoo.com	markrousso.ewmre.net
1	ads.stickyadstv.com	markrousso.ewmre.net
1	image2.pubmatic.com	markrousso.ewmre.net
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	markrousso.ewmre.net
1	eb2.3lift.com	markrousso.ewmre.net
1	sync.targeting.unrulymedia.com	markrousso.ewmre.net
1	s.ad.smaato.net	markrousso.ewmre.net
1	i.simpli.fi	markrousso.ewmre.net
1	flagshipapi.boomtownroi.com	markrousso.ewmre.net
1	www.gstatic.com	markrousso.ewmre.net
1	static.boomtownroi.com	markrousso.ewmre.net
0	sync.intentiq.com Failed	markrousso.ewmre.net
124	50

This site contains links to these domains. Also see Links.

Domain
www.ewm.com
www.berkshirehathawayhs.com
www.bhhsluxurycollection.com
nethostpage.com
www.homeservicesinsurance-fl.com
www.homeservices.com
floridasouth.phmloans.com
www.sunshinekids.org
ftgagency.com
ewminsight.com
www.facebook.com
www.instagram.com
www.twitter.com
www.linkedin.com
www.youtube.com
policies.google.com
bt-wpstatic.freetls.fastly.net
boomtownroi.com

Subject Issuer	Validity	Valid
ewmre.net E5	`2024-09-17` - `2024-12-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-09-11` - `2025-10-13`	a year	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.boomtownroi.com Go Daddy Secure Certificate Authority - G2	`2023-10-19` - `2024-11-19`	a year	crt.sh
*.liveby.com Amazon RSA 2048 M03	`2023-12-09` - `2025-01-04`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
cdn.usefathom.com R10	`2024-08-18` - `2024-11-16`	3 months	crt.sh
api.liveby.com Amazon RSA 2048 M03	`2023-11-03` - `2024-12-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-28` - `2024-09-26`	3 months	crt.sh
wp.prod.boomtownroi.com E5	`2024-08-11` - `2024-11-09`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-12` - `2025-08-12`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://markrousso.ewmre.net/
Frame ID: 48D7F08FAEF64D5B714584E227D7256C
Requests: 120 HTTP requests in this frame

Frame: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://markrousso.ewmre.net
Frame ID: 89673FABACEDDEAE1DAF5718409ADD17
Requests: 1 HTTP requests in this frame

Frame: https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://markrousso.ewmre.net
Frame ID: 754D7FD0AF4344F842FA00036A62A147
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeoyN4UAAAAAJtIzwrzOAMknBZ6NSabe-uE2RWI&co=aHR0cHM6Ly9tYXJrcm91c3NvLmV3bXJlLm5ldDo0NDM.&hl=de&v=EGbODne6buzpTnWrrBprcfAY&size=normal&cb=q9eov9kmrp7l
Frame ID: 0E2513F496F22DE25CB93CA7E352096A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=EGbODne6buzpTnWrrBprcfAY&k=6LeoyN4UAAAAAJtIzwrzOAMknBZ6NSabe-uE2RWI
Frame ID: 23F972B436878FF5304556B0AA6EE756
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Berkshire Hathaway HomeServices EWM Realty

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

124
Requests

77 %
HTTPS

33 %
IPv6

39
Domains

50
Subdomains

41
IPs

6
Countries

7982 kB
Transfer

13810 kB
Size

39
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ewm.com/results-map/?photo=1&proptype=RN&sort=importdate&status=A
Title: Rental Search

Search URL Search Domain Scan URL

URL: https://www.ewm.com/results-map/?feature=OH&officemls=EWM%2001%2CEWM%2002%2CEWM%2004%2CEWM%2005%2CEWM%2007%2CEWM%2008%2CEWM%2009%2CEWM%2011%2CEWM%2041%2CEWM%2076%2CEWM%2010%2CEWM%2066%2CFLLEWM%2066%2CFLLEWM10&photo=1&sort=importdate&status=A
Title: Open House Search

Search URL Search Domain Scan URL

URL: https://www.berkshirehathawayhs.com/EWM-Realty-FL317
Title: Global Property Search

Search URL Search Domain Scan URL

URL: http://www.bhhsluxurycollection.com/
Title: Global Luxury Property Search

Search URL Search Domain Scan URL

URL: https://nethostpage.com/sites/ewm/careers/
Title: Become An Associate

Search URL Search Domain Scan URL

URL: https://www.homeservicesinsurance-fl.com/
Title: Home and Auto Insurance

Search URL Search Domain Scan URL

URL: http://www.homeservices.com/
Title: HomeServices of America

Search URL Search Domain Scan URL

URL: https://floridasouth.phmloans.com/
Title: Mortgage

Search URL Search Domain Scan URL

URL: http://www.sunshinekids.org/
Title: Sunshine Kids Foundation

Search URL Search Domain Scan URL

URL: https://ftgagency.com/
Title: Title & Closing Services

Search URL Search Domain Scan URL

URL: https://www.ewm.com/results-gallery/?minprice=1000000&officemls=EWM%2001,EWM%2002,EWM%2004,EWM%2005,EWM%2006,EWM%2007,EWM%2008,EWM%2009,EWM%2011,EWM%2041,EWM%2076,EWM%2010,EWM%2066,FLLEWM%2066,FLLEWM%2010&sort=listprice
Title: See All Listings Our Exclusive Luxury Listings Photo Gallery of Properties

Search URL Search Domain Scan URL

URL: http://ewminsight.com/
Title: Click Here

Search URL Search Domain Scan URL

URL: https://www.ewm.com/lifestyles-south-florida/
Title: Lifestyles+ South Florida

Search URL Search Domain Scan URL

URL: https://www.ewm.com/miami-fl-homes-for-sale/
Title: Miami

Search URL Search Domain Scan URL

URL: https://www.ewm.com/fort-lauderdale-fl-homes-for-sale/
Title: Fort Lauderdale

Search URL Search Domain Scan URL

URL: https://www.ewm.com/miami-beach-fl-homes-for-sale/
Title: Miami Beach

Search URL Search Domain Scan URL

URL: https://www.ewm.com/coral-gables-fl-homes-for-sale/
Title: Coral Gables

Search URL Search Domain Scan URL

URL: https://www.ewm.com/hollywood-fl-homes-for-sale/
Title: Hollywood

Search URL Search Domain Scan URL

URL: https://www.ewm.com/community-guides/
Title: More Guides

Search URL Search Domain Scan URL

URL: http://www.facebook.com/BHHSEWMRealty

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ewmrealty/

Search URL Search Domain Scan URL

URL: http://www.twitter.com/BHHSEWMRealty

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ewm-realty-international?trk=company_logo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ewmrealtors

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.ewm.com/files/2023/03/BHHS-Website-Privacy-Policy-Effective-Date-6-2019-rev-03.02.23-88b722cc0fe3d38847ca25eb2476845af925f3b5.pdf
Title: Berkshire Hathaway HomeServices EWM Realty Privacy Policy

Search URL Search Domain Scan URL

URL: https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/08/Terms-and-Conditions-of-Use-EWM-08.2023-36dba4b43abe9db0727ceb15becb8fc93ef65858.pdf
Title: Berkshire Hathaway HomeServices EWM Realty Terms of Use

Search URL Search Domain Scan URL

URL: https://boomtownroi.com/?utm_campaign=ewmre.net&utm_medium=bt_client_site_referral&utm_source=client_sites
Title: © 2024

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png HTTP 302
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png

Request Chain 21

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/02/new-hpw-4835e591ed106f575763ce5db96ad488fe15c72d.png HTTP 302
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-hpw-4835e591ed106f575763ce5db96ad488fe15c72d.png

Request Chain 22

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2022/06/AdobeStock_309816893-6ee7ffafc20e6ea5d51612f85190d596e3b9cde5-scaled.jpeg HTTP 302
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2022/06/AdobeStock_309816893-6ee7ffafc20e6ea5d51612f85190d596e3b9cde5-scaled.jpeg

Request Chain 23

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2022/06/AdobeStock_214222181-cc692e3220873a3c076c5a31d738483abb98ff4b-scaled.jpeg HTTP 302
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2022/06/AdobeStock_214222181-cc692e3220873a3c076c5a31d738483abb98ff4b-scaled.jpeg

Request Chain 53

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/01/DSC2456-2-3-4c3d7bec714bd17bdec0cfc7c8ac038f9015ed1d-scaled.jpg HTTP 302
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/01/DSC2456-2-3-4c3d7bec714bd17bdec0cfc7c8ac038f9015ed1d-scaled.jpg

Request Chain 71

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2024/07/Mid-Year-2024-report-cover-1600x900-4f57f1556c48b15eacefcc91d9bc4b80ee160cca-scaled.jpg HTTP 302
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2024/07/Mid-Year-2024-report-cover-1600x900-4f57f1556c48b15eacefcc91d9bc4b80ee160cca-scaled.jpg

Request Chain 81

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=93D2EA6C386149D8B4B68CD0C6D83DF7

Request Chain 82

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/93D2EA6C386149D8B4B68CD0C6D83DF7 HTTP 302
https://sync.1rx.io/usersync/simplifi/93D2EA6C386149D8B4B68CD0C6D83DF7?zcc=1&cb=1726658156942 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-67162859-9ad2-4062-8111-9554d195b241-003

Request Chain 83

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=93D2EA6C386149D8B4B68CD0C6D83DF7&dongle=yf3

Request Chain 84

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=93D2EA6C386149D8B4B68CD0C6D83DF7

Request Chain 85

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=93D2EA6C386149D8B4B68CD0C6D83DF7 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=93D2EA6C386149D8B4B68CD0C6D83DF7

Request Chain 86

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=93D2EA6C386149D8B4B68CD0C6D83DF7 HTTP 302
https://d.agkn.com/pixel/10751/?che=1726658156951&ip=80.255.7.105&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216663105009001846078 HTTP 302
https://um.simpli.fi/aa_px?sk=216663105009001846078 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 87

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=93D2EA6C386149D8B4B68CD0C6D83DF7

Request Chain 88

https://um.simpli.fi/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:93D2EA6C386149D8B4B68CD0C6D83DF7

Request Chain 89

https://um.simpli.fi/freewheel HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=93D2EA6C386149D8B4B68CD0C6D83DF7

Request Chain 90

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=93D2EA6C386149D8B4B68CD0C6D83DF7;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=93D2EA6C386149D8B4B68CD0C6D83DF7;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/400646.gif?partner_uid=8912989850806731202

Request Chain 91

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=93D2EA6C386149D8B4B68CD0C6D83DF7&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=93D2EA6C386149D8B4B68CD0C6D83DF7&j=0&xl8blockcheck=1

Request Chain 92

https://um.simpli.fi/yahoo HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=93D2EA6C386149D8B4B68CD0C6D83DF7

Request Chain 93

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=93D2EA6C386149D8B4B68CD0C6D83DF7

Request Chain 94

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=93D2EA6C386149D8B4B68CD0C6D83DF7

Request Chain 95

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=93D2EA6C386149D8B4B68CD0C6D83DF7

Request Chain 96

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=93D2EA6C386149D8B4B68CD0C6D83DF7

Request Chain 97

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=93D2EA6C386149D8B4B68CD0C6D83DF7

Request Chain 98

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1726658156191&cv=7&fst=1726658156191&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1786512403&cv=7&fst=1726658156191&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgibx7EC&pscrd=IhMI5-nE8K7MiAMV_YqDBx2ryTgvMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL21hcmtyb3Vzc28uZXdtcmUubmV0Lw HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1786512403&cv=7&fst=1726658156191&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgibx7EC&pscrd=IhMI5-nE8K7MiAMV_YqDBx2ryTgvMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL21hcmtyb3Vzc28uZXdtcmUubmV0Lw&is_vtc=1&cid=CAQSGwDpaXnfuP6x6ZepMfYYsMD3yl3dyoLXAR9EVA&random=3440790155 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1786512403&cv=7&fst=1726658156191&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgibx7EC&pscrd=IhMI5-nE8K7MiAMV_YqDBx2ryTgvMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL21hcmtyb3Vzc28uZXdtcmUubmV0Lw&is_vtc=1&cid=CAQSGwDpaXnfuP6x6ZepMfYYsMD3yl3dyoLXAR9EVA&random=3440790155&ipr=y

Request Chain 100

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=93D2EA6C386149D8B4B68CD0C6D83DF7 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D93D2EA6C386149D8B4B68CD0C6D83DF7

Request Chain 101

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=93D2EA6C386149D8B4B68CD0C6D83DF7&expires=365

Request Chain 102

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=93D2EA6C386149D8B4B68CD0C6D83DF7

Request Chain 120

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/02/cropped-favi-b44ca17dae388839930b36af6b5b6a890c90e9ef.png HTTP 302
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/cropped-favi-b44ca17dae388839930b36af6b5b6a890c90e9ef.png

Request Chain 123

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/02/cropped-favi-b44ca17dae388839930b36af6b5b6a890c90e9ef-32x32.png HTTP 302
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/cropped-favi-b44ca17dae388839930b36af6b5b6a890c90e9ef-32x32.png

124 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
markrousso.ewmre.net/ 213 KB
52 KB 1240ms
367ms Document
text/html 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

8818c0110e1dfd7e51b8ff12137df7af01ea18e62e8be0ad888747fd39e441ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 18 Sep 2024 11:15:55 GMT
link: <https://markrousso.ewmre.net/>; rel=shortlink
server: nginx
strict-transport-security: max-age=31535400; includeSubDomains; preload;
vary: Accept-Encoding

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 134ms
40ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
content-encoding: gzip
age: 6953
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 18 Sep 2024 11:20:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
date: Wed, 18 Sep 2024 09:20:02 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
server: Golfe2
vary: Accept-Encoding

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 156ms
49ms Script
text/javascript 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
content-encoding: gzip
age: 94
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 18 Sep 2024 13:14:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
date: Wed, 18 Sep 2024 11:14:21 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
server: Golfe2
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
93 KB 208ms
119ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SK2113WW5W

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d4bcf257e1d85cc65152b9558dd64c189f22439e0dc8ad946ee42981d7d6133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Wed, 18 Sep 2024 11:15:55 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95335
date: Wed, 18 Sep 2024 11:15:55 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 btga4.js Show response
markrousso.ewmre.net/wp-content/plugins/bt-google-analytics/resources/javascript/ 6 KB
1 KB 125ms
125ms Script
application/javascript 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://markrousso.ewmre.net/wp-content/plugins/bt-google-analytics/resources/javascript/btga4.js?v=4

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

e346fbfb9c5998222c21d4dd2886d756cc23eb90318cdf6b6936762ef9c470e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31535400; includeSubDomains; preload;
cache-control: max-age=2592000
surrogate-key: assets
content-encoding: gzip
etag: W/"66c4ace2-167b"
expires: Fri, 18 Oct 2024 11:15:55 GMT
access-control-allow-origin: *
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2024 14:49:06 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 jquery.bxslider.css
bt-wpstatic.freetls.fastly.net/wp-content/plugins/testimonials-widget/includes/libraries/bxslider-4/dist/ 4 KB
1 KB 166ms
57ms Stylesheet
text/css 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/plugins/testimonials-widget/includes/libraries/bxslider-4/dist/jquery.bxslider.css
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 60b04299bc904d73c55d87ef6351383918bb808b05380fe8e7787af72d53d243

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"66c4ace3-f60"
age: 1752456
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.597207,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1124
server: nginx

GET
H2 200 testimonials-widget.css
bt-wpstatic.freetls.fastly.net/wp-content/plugins/testimonials-widget/assets/css/ 3 KB
731 B 166ms
57ms Stylesheet
text/css 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/plugins/testimonials-widget/assets/css/testimonials-widget.css
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a454a2f6c753dfa1f31cc7f4a732dc5e81f523c265c4e2cd0350b8e5218c3028

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"66c4ace3-a1a"
age: 905408
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.597501,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 624
server: nginx

GET
H2 200 style.min.css
bt-wpstatic.freetls.fastly.net/wp-includes/css/dist/block-library/ 79 KB
10 KB 227ms
119ms Stylesheet
text/css 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 905408
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.597522,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10523
server: nginx

GET
H2 200 bt-testimonials.frontend.e0fb56d7.min.css
www.ewmre.net/wp-content/build/plugins/ 9 KB
2 KB 146ms
127ms Stylesheet
text/css 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewmre.net/wp-content/build/plugins/bt-testimonials.frontend.e0fb56d7.min.css

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

afb22929459f47664cc10ab35232bc2b231481cb6643a284dc0e1caeee156f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31535400; includeSubDomains; preload;
cache-control: max-age=2592000, public
content-encoding: gzip
expires: Fri, 18 Oct 2024 11:15:55 GMT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2024 14:51:48 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bt-block-editor-forms.frontend.85a385f0.min.css
www.ewmre.net/wp-content/build/plugins/ 5 KB
1 KB 146ms
128ms Stylesheet
text/css 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewmre.net/wp-content/build/plugins/bt-block-editor-forms.frontend.85a385f0.min.css

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

cf3b90b16144827f626d7136c588b74acfc27debbbb39ccb16d42dd9350510da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31535400; includeSubDomains; preload;
cache-control: max-age=2592000, public
content-encoding: gzip
expires: Fri, 18 Oct 2024 11:15:55 GMT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: text/css
last-modified: Tue, 20 Aug 2024 14:51:48 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 base-theme.86488f6b.min.css
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/ 554 KB
90 KB 157ms
49ms Stylesheet
text/css 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/base-theme.86488f6b.min.css
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ed65febf55a73d2553a28f0921762571de7fd9acc59a3e3c56e973da07d0adb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"66c4adb2-8a7c1"
age: 1755462
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:52:34 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.597199,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 91917
server: nginx

GET
H2 200 manifest.7ecd6199.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/build/ 2 KB
909 B 254ms
146ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/build/manifest.7ecd6199.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c165d7bdcae3acbb1769917e45538025d526f2145ef926b851def47c1fe9845

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 905408
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:51:48 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.597988,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 818
server: nginx

GET
H2 200 regenerator-runtime.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/vendor/ 6 KB
2 KB 250ms
142ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 905408
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.597961,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2398
server: nginx

GET
H2 200 wp-polyfill.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/vendor/ 16 KB
6 KB 268ms
160ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 1749993
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.642700,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6031
server: nginx

GET
H2 200 jquery-3-6-0-migrate-3.4.0.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/lib/jquery/ 101 KB
34 KB 226ms
118ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/lib/jquery/jquery-3-6-0-migrate-3.4.0.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 12b4b3d3e75063715e88c3ea4df748c6b57c1de49ac6c8291dc333459f5e9f04

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"66c4ace3-19224"
age: 179037
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.597923,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34937
server: nginx

GET
H2 200 vendor.bundle.63bd000a.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/build/ 343 KB
100 KB 227ms
119ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/build/vendor.bundle.63bd000a.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c0d144432b6d24a195bdebab10fc83d01d9f3403326accd6537cf93020ad658

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 908668
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:51:10 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.598194,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 102420
server: nginx

GET
H2 200 escape-html.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/ 2 KB
828 B 267ms
159ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/escape-html.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7888ffcea333c718549f8cca260ec422d5ad5583d6cb32c049f61b57ecc395f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 121222
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.642668,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 766
server: nginx

GET
H2 200 element.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/ 9 KB
3 KB 266ms
159ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/element.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 152912e109dc49161717407bccb672669982e04a35df96afa574533c15a1950a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 121222
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.642646,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3491
server: nginx

GET
H2 200 core-components.1e6d6953.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/build/core/ 253 KB
60 KB 265ms
158ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/build/core/core-components.1e6d6953.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5690d9f5745b42e9c6f76d6941ef4f7e689b3fa7c0e8575d5a7e509a34a692f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 543820
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:51:48 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.642614,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 60835
server: nginx

GET
H2 200 bt-block-editor.frontend.f684738f.min.js Show response
www.ewmre.net/wp-content/build/plugins/ 12 KB
5 KB 148ms
130ms Script
application/javascript 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewmre.net/wp-content/build/plugins/bt-block-editor.frontend.f684738f.min.js

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

4c6d10f859aeaa89e692d2a1f457495e20bb1d5e614abdf52286fa7aaf64ef85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31535400; includeSubDomains; preload;
cache-control: max-age=2592000, public
content-encoding: gzip
expires: Fri, 18 Oct 2024 11:15:55 GMT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2024 14:51:48 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
967 B 140ms
57ms Script
text/javascript 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

ESF /

Resource Hash

94f5196fd2a0e77ac5f6bbf268c53e36d4fc6bfe33cca0e3ca31fe4fb675a97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Wed, 18 Sep 2024 11:15:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Wed, 18 Sep 2024 11:15:55 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H/1.1

200
OK

new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png
boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/
Redirect Chain

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png

29 KB
29 KB

641ms
136ms

Image
image/png

54.231.194.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: HTTP/1.1
Server: 54.231.194.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0c178741a34e6c29013714d1b48ba987fbda1fd0570b3a0ff7e505ca3d3b99f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

x-amz-id-2: uu2dNq36bHCDPtE2CLyCweIbp/UpC+ZdIw6krXonZIoK+KG+rBoxuaRBjpCA8K71LLr//QXJPUc=
ETag: "9f1ce2e2aab0e62fa08b26de461fb605"
x-amz-version-id: null
x-amz-request-id: Y0H8M76PPTP59QRX
Accept-Ranges: bytes
Content-Length: 29383
Date: Wed, 18 Sep 2024 11:15:57 GMT
Last-Modified: Wed, 15 Feb 2023 14:51:43 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

cache-control: public, max-age=864000
location: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-ip-dea8046443489c45d9de68b22b5c3c77ede1f7f1.png
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
x-timer: S1726658156.642619,VS0,VE2
age: 5978
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 138
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: text/html
x-served-by: cache-mxp6920-MXP
server: nginx
x-cache-hits: 0

GET
H/1.1

200
OK

new-hpw-4835e591ed106f575763ce5db96ad488fe15c72d.png
boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/
Redirect Chain

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/02/new-hpw-4835e591ed106f575763ce5db96ad488fe15c72d.png
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-hpw-4835e591ed106f575763ce5db96ad488fe15c72d.png

133 KB
133 KB

572ms
198ms

Image
image/png

54.231.194.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-hpw-4835e591ed106f575763ce5db96ad488fe15c72d.png
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: HTTP/1.1
Server: 54.231.194.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f6bf33cc79f76672d7e2ebb2e5f5cc8a7781be3fcf729b9eeba2d95860969242

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

x-amz-id-2: 0Tw93ky3f2NBaVYFfw4ycoreUUVRAoSTZpYry24AraFJSGFu1IzHKrVZilsvGfrTJ8iosMFagrY=
ETag: "a69f31700867e27b325c1bc9e4d51e60"
x-amz-version-id: null
x-amz-request-id: Y0H1AM86Q2JYHHNE
Accept-Ranges: bytes
Content-Length: 135842
Date: Wed, 18 Sep 2024 11:15:57 GMT
Last-Modified: Wed, 15 Feb 2023 15:20:05 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

cache-control: public, max-age=864000
location: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/new-hpw-4835e591ed106f575763ce5db96ad488fe15c72d.png
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
x-timer: S1726658156.642619,VS0,VE1
age: 5978
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 138
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: text/html
x-served-by: cache-mxp6920-MXP
server: nginx
x-cache-hits: 0

GET
H/1.1

200
OK

AdobeStock_309816893-6ee7ffafc20e6ea5d51612f85190d596e3b9cde5-scaled.jpeg
boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2022/06/
Redirect Chain

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2022/06/AdobeStock_309816893-6ee7ffafc20e6ea5d51612f85190d596e3b9cde5-scaled.jpeg
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2022/06/AdobeStock_309816893-6ee7ffafc20e6ea5d51612f85190d596e3b9cde5-scaled.jpeg

970 KB
970 KB

369ms
246ms

Image
image/jpeg

54.231.194.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2022/06/AdobeStock_309816893-6ee7ffafc20e6ea5d51612f85190d596e3b9cde5-scaled.jpeg
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: HTTP/1.1
Server: 54.231.194.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: dd6d3bf0cbe180733d258dc372f0f66b5b38e930dbcdfb7300972df70c6d1994

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

x-amz-id-2: vQMFks+/MH/+k9WUFWHRgUBb46YzdOkbKX9E0TnyiZjGAur4vsTgDklhvZB2vfi6pQCDngLzIgI=
ETag: "7d5c2819a19826d9da34ce786a16e685"
x-amz-version-id: null
x-amz-request-id: Y0H5P9GZ3XF0JBVD
Accept-Ranges: bytes
Content-Length: 992794
Date: Wed, 18 Sep 2024 11:15:57 GMT
Last-Modified: Wed, 22 Jun 2022 21:36:39 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

cache-control: public, max-age=864000
location: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2022/06/AdobeStock_309816893-6ee7ffafc20e6ea5d51612f85190d596e3b9cde5-scaled.jpeg
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
x-timer: S1726658156.836883,VS0,VE2
age: 5978
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 138
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: text/html
x-served-by: cache-mxp6920-MXP
server: nginx
x-cache-hits: 0

GET
H/1.1

200
OK

AdobeStock_214222181-cc692e3220873a3c076c5a31d738483abb98ff4b-scaled.jpeg
boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2022/06/
Redirect Chain

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2022/06/AdobeStock_214222181-cc692e3220873a3c076c5a31d738483abb98ff4b-scaled.jpeg
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2022/06/AdobeStock_214222181-cc692e3220873a3c076c5a31d738483abb98ff4b-scaled.jpeg

350 KB
350 KB

338ms
215ms

Image
image/jpeg

54.231.194.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2022/06/AdobeStock_214222181-cc692e3220873a3c076c5a31d738483abb98ff4b-scaled.jpeg
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: HTTP/1.1
Server: 54.231.194.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2f4aafa24c3919ed8d6a22c605ed2161b592b0b8e22aa100c3560590c9603648

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

x-amz-id-2: BG6KFH6DVeXGoumaplBeKxagKUPhJEmWV/cH0ux4DpTG0Urxb+V/maFAJtIglP23cnw8AksZJh4=
ETag: "e8f4d6adad6d2ff8765f0c491effdee6"
x-amz-version-id: null
x-amz-request-id: Y0HFF39QW86PQ2E1
Accept-Ranges: bytes
Content-Length: 358181
Date: Wed, 18 Sep 2024 11:15:57 GMT
Last-Modified: Tue, 21 Jun 2022 15:41:18 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

cache-control: public, max-age=864000
location: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2022/06/AdobeStock_214222181-cc692e3220873a3c076c5a31d738483abb98ff4b-scaled.jpeg
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
x-timer: S1726658156.836883,VS0,VE1
age: 5978
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 138
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: text/html
x-served-by: cache-mxp6920-MXP
server: nginx
x-cache-hits: 0

GET
H2 200 3.jpg
bt-wpstatic.freetls.fastly.net/wp-content/plugins/bt-teaser/resources/images/templates/porthole-offset/ 76 KB
76 KB 54ms
48ms Image
image/jpeg 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/plugins/bt-teaser/resources/images/templates/porthole-offset/3.jpg?v=2
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a16ff0d2c5f9b1dea2d4fa58a31da274ba956dc849ace164ad95c90b20f74a63

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: "66c4ace3-12f6e"
age: 299478
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: image/jpeg
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-cache-hits: 0
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.837152,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77678
server: nginx

GET
H2 200 idx-large.gif
static.boomtownroi.com/content/photos/rmls/idx/ 2 KB
2 KB 1092ms
129ms Image
image/gif 204.232.141.226
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.boomtownroi.com/content/photos/rmls/idx/idx-large.gif
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.232.141.226 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a3ae855a1a1f68214dc9d631e16673bda77c9647161c23c8ca6bc255aee384e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: max-age=3600
etag: "e952153a60a5da1:0"
expires: Sun, 29 Mar 2020 00:00:00 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1805
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: image/gif
last-modified: Mon, 13 May 2024 18:06:07 GMT
server: Microsoft-IIS/10.0

GET
H2 200 boomtown-footer.webp
markrousso.ewmre.net/wp-content/themes/wp-base-theme/assets/media/build/ 1 KB
1 KB 137ms
134ms Image
image/webp 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://markrousso.ewmre.net/wp-content/themes/wp-base-theme/assets/media/build/boomtown-footer.webp

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

b1ac9bbe6ebc1d737190ab70a23541cdf5d4a1834974f6daf1fe1bcb8bee4492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31535400; includeSubDomains; preload;
etag: "66c4adc5-51a"
accept-ranges: bytes
content-length: 1306
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: image/webp
last-modified: Tue, 20 Aug 2024 14:52:53 GMT
server: nginx

GET
H2 200 liveby.js Show response
pages.liveby.com/ 74 KB
23 KB 174ms
40ms Script
application/javascript 2600:9000:2724:a00:a:6937:9340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.liveby.com/liveby.js?id=ewm
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:a00:a:6937:9340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56c8b344ed0f0ee529e4b1ecd1f04f52b34d9bf9aa087dd661bbddab6559b766

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

x-amz-cf-pop: FRA56-P12
content-encoding: gzip
etag: W/"afdf5df35cf7e4bf7e3f4872f789464b"
age: 46541
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: Yyn0zGCEA5TxgCqnewcldEPiD7gKTnNVsCDN5-Wb6ScWJrmtYRcuOw==
date: Tue, 17 Sep 2024 22:20:15 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Tue, 17 Sep 2024 22:19:14 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 e319ffd0-ab33-0137-5a25-06659b33d47c Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 154ms
55ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/e319ffd0-ab33-0137-5a25-06659b33d47c
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 7d8612b7632809e93dec66fee62d688a8cd5d1f7a69b1f6bd3b4b7e6ca7ea0d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

x-request-id: F_ZScdGdglwwY9avOAPB
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 d737d130-d1c3-0137-5e44-06659b33d47c Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 154ms
55ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/d737d130-d1c3-0137-5e44-06659b33d47c
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 7d8612b7632809e93dec66fee62d688a8cd5d1f7a69b1f6bd3b4b7e6ca7ea0d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

x-request-id: F_ZScdGc6PXm-0hJFQcC
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
85 KB 148ms
60ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-670219055

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

738c9c106c9773cb7d47e0a37d2feebe5158521b03f01d37670241d8f2f101fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: br
expires: Wed, 18 Sep 2024 11:15:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 18 Sep 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 87058
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bt-testimonials.frontend.5f0d4557.min.js Show response
www.ewmre.net/wp-content/build/plugins/ 7 KB
3 KB 139ms
134ms Script
application/javascript 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewmre.net/wp-content/build/plugins/bt-testimonials.frontend.5f0d4557.min.js

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

2003fc07084ad7f3b2805ebae45f9c10101df5c259c848e2a51275271af43285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31535400; includeSubDomains; preload;
cache-control: max-age=2592000, public
content-encoding: gzip
expires: Fri, 18 Oct 2024 11:15:55 GMT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2024 14:51:48 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 manifest.f7622617.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/ 4 KB
2 KB 53ms
48ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/manifest.f7622617.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bbfdb2e14b88ca2a16054bd2bc69fb27815db2254b6fd4f045176dcf125971fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"66c4adb2-f77"
age: 1752455
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:52:34 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.837110,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1929
server: nginx

GET
H2 200 deps.8816c0e2.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/ 607 KB
176 KB 62ms
57ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/deps.8816c0e2.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 64d8dab2a4c7b936426b195bb2224bb4af8dd9f32657db2520474393241bfe5f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"66c4adb2-97b79"
age: 908668
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:52:34 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.837814,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 180197
server: nginx

GET
H2 200 components.86488f6b.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/ 1 MB
223 KB 56ms
51ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/components.86488f6b.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fbf1edaff78cebae184df8f88e7e9a90dd41f47a480a7909c1c9dc59e49eedea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"66c4adb2-146e7e"
age: 30355
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:52:34 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.837932,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 228323
server: nginx

GET
H2 200 home.1d3ebbc1.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/ 67 KB
16 KB 64ms
59ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/home.1d3ebbc1.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f4ef07c6cd0a859433381fd3143ea73511b858320c74fe8bb088c16d19eb61d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"66c4adb2-10c51"
age: 19894
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:52:34 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.837777,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16298
server: nginx

GET
H2 200 hooks.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/ 5 KB
2 KB 55ms
51ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/hooks.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 112082
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.837754,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1790
server: nginx

GET
H2 200 deprecated.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/ 2 KB
859 B 61ms
57ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/deprecated.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a36bbc4571595d89f077de130041f7673795dee9390aa7699d612838d322a6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 343119
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.837761,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 773
server: nginx

GET
H2 200 dom.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/ 13 KB
5 KB 63ms
59ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/dom.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 99b209c1e0aa2cb29ffb56e0870ede333bc67cc3dbe8526365054936ddd09fae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 538582
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.837695,VS0,VE2
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4853
server: nginx

GET
H2 200 is-shallow-equal.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/ 2 KB
823 B 171ms
166ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/is-shallow-equal.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a9c8f47d224673f34eb7c855b21b764bc031e62ce08b51e755bb392d6ff8b9c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 900515
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.839031,VS0,VE62
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 737
server: nginx

GET
H2 200 i18n.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/ 10 KB
4 KB 63ms
59ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/i18n.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 41997
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 14
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.839023,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3858
server: nginx

GET
H2 200 keycodes.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/ 3 KB
2 KB 64ms
59ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/keycodes.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 92c979bf04b65260a95f5d6f97db5a5a0e18b93d7a9b85efef2a0c0d328a4933

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 900515
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.838965,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1423
server: nginx

GET
H2 200 priority-queue.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/ 2 KB
886 B 69ms
64ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/priority-queue.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c5c2b8dd7b4560e7aa542d8a0179946f1220e84687db982751348af46abe494e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 538582
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.838926,VS0,VE2
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 824
server: nginx

GET
H2 200 compose.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/ 32 KB
10 KB 69ms
64ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/compose.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ee834d7ff4fd391065c6d4cf520af5339e7481f376f5a73a7a59cc280295cf5a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 900515
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.838910,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10429
server: nginx

GET
H2 200 redux-routine.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/ 9 KB
3 KB 68ms
64ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/redux-routine.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0aee617704eccb0f4dd644b994ca0eb698800bb3a6978c19f8202f17e5ceb19a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 900515
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.838867,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2907
server: nginx

GET
H2 200 data.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/ 22 KB
7 KB 77ms
73ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/dist/data.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a75aaef9be6d97f9e9974e16297fe491e4f7ccac6f7441013372d69550fc2b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 900515
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.839947,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7327
server: nginx

GET
H2 200 bt-block-editor-forms.frontend.dbe09eb3.min.js Show response
www.ewmre.net/wp-content/build/plugins/ 171 KB
45 KB 141ms
137ms Script
application/javascript 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ewmre.net/wp-content/build/plugins/bt-block-editor-forms.frontend.dbe09eb3.min.js

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b94513337c4622e2b03f98f16e4839866ba8f13c64a0a96b8eda8c7640e034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31535400; includeSubDomains; preload;
cache-control: max-age=2592000, public
content-encoding: gzip
expires: Fri, 18 Oct 2024 11:15:55 GMT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2024 14:51:48 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 wp-embed.min.js Show response
bt-wpstatic.freetls.fastly.net/wp-includes/js/ 1 KB
834 B 78ms
75ms Script
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-includes/js/wp-embed.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 1749961
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:49:07 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.839958,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 765
server: nginx

GET
H2 200 details.5fae3c45.min.js
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/ 0
45 KB 63ms
58ms Other
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/details.5fae3c45.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"66c4adb2-3b569"
age: 901071
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:52:34 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.837686,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45570
server: nginx

GET
H2 200 results-gallery.0fe208be.min.js
bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/ 0
9 KB 77ms
73ms Other
application/javascript 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/js/build/results-gallery.0fe208be.min.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
etag: W/"66c4adb2-7ba9"
age: 24553
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:52:34 GMT
x-served-by: cache-mxp6920-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.839876,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8911
server: nginx

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 181 KB
66 KB 58ms
56ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-M8C4ZPS&cid=1926013286.1726658156

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e929d1aed85e732d87f877dc4a9d2632434f5dab2a425b853efbe579d6d874ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: br
expires: Wed, 18 Sep 2024 11:15:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 18 Sep 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 66947
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 376 KB
109 KB 269ms
181ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5BDFQV

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ba88dd30b48d89de057c795a683f56ab5809da9a9ddc62cb1bd623678c926a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: br
expires: Wed, 18 Sep 2024 11:15:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 18 Sep 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 111947
x-xss-protection: 0
server: Google Tag Manager

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

DSC2456-2-3-4c3d7bec714bd17bdec0cfc7c8ac038f9015ed1d-scaled.jpg
boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/01/
Redirect Chain

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/01/DSC2456-2-3-4c3d7bec714bd17bdec0cfc7c8ac038f9015ed1d-scaled.jpg
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/01/DSC2456-2-3-4c3d7bec714bd17bdec0cfc7c8ac038f9015ed1d-scaled.jpg

3 MB
3 MB

361ms
255ms

Image
image/jpeg

54.231.194.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/01/DSC2456-2-3-4c3d7bec714bd17bdec0cfc7c8ac038f9015ed1d-scaled.jpg
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: HTTP/1.1
Server: 54.231.194.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e847956b503576224a4fa62c6f26b174c83829205106a93c5bca0b252bf2df88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

x-amz-id-2: YAPsbtnUj84dRgpPRJouyLqjwzskZ4+Oeh+/Z3BCBVk1HR0dHMV2danfjMzNN8Fqka6f5WwQY5E=
ETag: "38b779b1dae82389a4a6bce010d51e9e"
x-amz-version-id: null
x-amz-request-id: Y0HAEJ2J0737ZGTD
Accept-Ranges: bytes
Content-Length: 3626828
Date: Wed, 18 Sep 2024 11:15:57 GMT
Last-Modified: Mon, 30 Jan 2023 16:09:27 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

cache-control: public, max-age=864000
location: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/01/DSC2456-2-3-4c3d7bec714bd17bdec0cfc7c8ac038f9015ed1d-scaled.jpg
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
x-timer: S1726658156.884092,VS0,VE1
age: 165827
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 138
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: text/html
x-served-by: cache-mxp6920-MXP
server: nginx
x-cache-hits: 0

GET
H2 200 92df6940133169e4e383416c02bfb28e-fa-regular-400.woff
bt-wpstatic.freetls.fastly.net/wp-content/build/fonts/fontawesome/ 6 KB
6 KB 150ms
52ms Font
application/font-woff 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/build/fonts/fontawesome/92df6940133169e4e383416c02bfb28e-fa-regular-400.woff
Requested by: Host: bt-wpstatic.freetls.fastly.net
URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/base-theme.86488f6b.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: de22013b68779c5df28bb2aa0d882e37a25355d137d961cf58051e85b568a5e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://markrousso.ewmre.net
Referer: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/base-theme.86488f6b.min.css

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 359872
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/font-woff
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:51:20 GMT
x-served-by: cache-mxp6951-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.968365,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6532
server: nginx

GET
H2 200 d0b8577c047ea9719e1a7ccbb85d8788-fa-brands-400.woff
bt-wpstatic.freetls.fastly.net/wp-content/build/fonts/fontawesome/ 2 KB
2 KB 145ms
48ms Font
application/font-woff 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/build/fonts/fontawesome/d0b8577c047ea9719e1a7ccbb85d8788-fa-brands-400.woff
Requested by: Host: bt-wpstatic.freetls.fastly.net
URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/base-theme.86488f6b.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dbf6e49525bb130e0c98c022d0aab07510b285a9dd9e9b1904efa4eac6b2adcd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://markrousso.ewmre.net
Referer: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/base-theme.86488f6b.min.css

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 34918
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/font-woff
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:51:20 GMT
x-served-by: cache-mxp6951-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.968165,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2169
server: nginx

GET
H2 200 92df6940133169e4e383416c02bfb28e-fa-solid-900.woff
bt-wpstatic.freetls.fastly.net/wp-content/build/fonts/fontawesome/ 6 KB
6 KB 146ms
48ms Font
application/font-woff 2a04:4e42:400::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bt-wpstatic.freetls.fastly.net/wp-content/build/fonts/fontawesome/92df6940133169e4e383416c02bfb28e-fa-solid-900.woff
Requested by: Host: bt-wpstatic.freetls.fastly.net
URL: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/base-theme.86488f6b.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5d9920c945af94bbf49a05492579854a6a97c4ddf22ce58be50165d238cb9ffd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://markrousso.ewmre.net
Referer: https://bt-wpstatic.freetls.fastly.net/wp-content/themes/wp-base-theme/assets/css/build/base-theme.86488f6b.min.css

Response headers

content-encoding: gzip
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
age: 550109
x-cache: HIT
date: Wed, 18 Sep 2024 11:15:55 GMT
content-type: application/font-woff
vary: Accept-Encoding
x-cache-hits: 0
last-modified: Tue, 20 Aug 2024 14:51:19 GMT
x-served-by: cache-mxp6951-MXP
cache-control: public, max-age=864000
x-timer: S1726658156.968207,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5693
server: nginx

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/ 541 KB
215 KB 151ms
46ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__de.js

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7ad2666cfdc2495ef3849d47ea1144f4a493efffa9aeeb4448e60488aec66d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://markrousso.ewmre.net
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
age: 14163
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 18 Sep 2025 07:19:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 07:19:53 GMT
last-modified: Tue, 03 Sep 2024 02:00:38 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 219302
x-xss-protection: 0
server: sffe

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 54ms
52ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1411102354&t=pageview&_s=1&dl=https%3A%2F%2Fmarkrousso.ewmre.net%2F&ul=de-de&de=UTF-8&dt=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAgEADQAAAACAAI~&jid=32889098&gjid=1305743935&cid=1926013286.1726658156&uid=4020448460&tid=UA-139148254-1&_gid=1873965290.1726658156&_slc=1&cd4=unregistered&cd11=4020448460&z=957679464

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

5734967e3d637b206f75eac14c4e4d1c1143a293c827a8fc680dc29feedabce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://markrousso.ewmre.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
date: Wed, 18 Sep 2024 11:15:56 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
210 B 55ms
52ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-139148254-1&cid=1926013286.1726658156&jid=32889098&uid=4020448460&gjid=1305743935&_gid=1873965290.1726658156&_u=KGDAgEADQAAAAGAAI~&z=980129260

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://markrousso.ewmre.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
date: Wed, 18 Sep 2024 11:15:56 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
server: Golfe2

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 53ms
53ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1411102354&t=pageview&_s=1&dl=https%3A%2F%2Fmarkrousso.ewmre.net%2F&ul=de-de&de=UTF-8&dt=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAgEADQAAAAGAAI~&jid=906956338&gjid=277411645&cid=1926013286.1726658156&uid=4020448460&tid=UA-139148254-2&_gid=1873965290.1726658156&_slc=1&cd4=unregistered&cd11=4020448460&z=170461499

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

e0ca95529ce0c9b0391ae03c2b475fb31594ed999de8dbf27fbff4233f395603

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://markrousso.ewmre.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
date: Wed, 18 Sep 2024 11:15:56 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 59ms
57ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-139148254-2&cid=1926013286.1726658156&jid=906956338&uid=4020448460&gjid=277411645&_gid=1873965290.1726658156&_u=KGDAgEADQAAAAGAAI~&z=1096143567

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://markrousso.ewmre.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
date: Wed, 18 Sep 2024 11:15:56 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
93 KB 125ms
122ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SK2113WW5W&l=dataLayer&cx=c

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b71af20c1db935d7faca66f4b4c9a40a979b60a8b407db9d7ebca52c5f135b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Wed, 18 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95496
date: Wed, 18 Sep 2024 11:15:56 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
86 KB 135ms
133ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1050553015&l=dataLayer&cx=c

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9de4339446cddeb1113b2fc32e344435fa23fe5d2266882003fddbd39daa4472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: br
expires: Wed, 18 Sep 2024 11:15:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 18 Sep 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 87924
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
91 KB 156ms
154ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZD8HKNH30V&l=dataLayer&cx=c

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

484a827bdf834ea25fca6fdd0f02bfad413d976b9f10c8ff0f6d926d5f28af1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Wed, 18 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93494
date: Wed, 18 Sep 2024 11:15:56 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 script.js Show response
cdn.usefathom.com/ 6 KB
2 KB 152ms
46ms Script
application/javascript 2400:52e0:1e00::1082:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usefathom.com/script.js
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 4927b7da535c5807c37389f0bbb54116b35cdc2f86a7a74d47175dee008c01d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cdn-status: 200
content-encoding: br
etag: W/"d41d8cd98f00b204e9800998ecf8427e"
x-vapor-base64-encode: True
date: Wed, 18 Sep 2024 11:15:56 GMT
last-modified: Wed, 11 Sep 2024 17:57:56 GMT
cdn-cachedat: 09/16/2024 08:00:59
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-requestpullcode: 200
cdn-cache: HIT
cache-control: public, max-age=0
cdn-requestpullsuccess: True
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cdn-requestid: 2f14e6fe952a4c96dfa640120ed0208d
cdn-pullzone: 506217
cdn-proxyver: 1.04
access-control-allow-origin: *
cdn-edgestorageid: 1081
server: BunnyCDN-DE1-1082
cdn-requestcountrycode: DE

GET
H2 200 pages Show response
api.liveby.com/v1/ 2 B
557 B 524ms
405ms Fetch
application/json 2600:9000:223d:cc00:11:93bc:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.liveby.com/v1/pages?id=ewm&ref=%2F
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:cc00:11:93bc:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: 'max-age=120'
content-encoding: gzip
x-amz-apigw-id: eTFw_EHfiYcEsbA=
x-amzn-trace-id: Root=1-66eab66c-701081f54272c80b7ec2ba9e;Parent=7033b228f63515db;Sampled=0;lineage=1:e5050681:0
access-control-allow-credentials: true
x-amzn-requestid: 1c41d387-1b12-422f-a5fb-5b4e17b45cc7
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront), 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 22
x-amz-cf-id: nUGldnXXlF_OjhA2vekTVFbhYzR3XgUGD-y124FP53o7gfZ_rcu6RA==
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P7, FRA56-P3

GET
H2 200 main.css
pages.liveby.com/static/css/ 5 KB
2 KB 49ms
40ms Stylesheet
text/css 2600:9000:2724:a00:a:6937:9340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.liveby.com/static/css/main.css?cb=1
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:a00:a:6937:9340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e2034fdf63bd07647ad1c842ffaa0620d9fc1f76d133f02335b9d95052ae825

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

x-amz-cf-pop: FRA56-P12
content-encoding: gzip
etag: W/"0455f776a6fc4fea1029a820e4c8c325"
age: 46438
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: qGeXyG_6scZEph_0OXiBZa5VbuAfP3d3Gv_beC5vvQYuccyCvkk7vw==
date: Tue, 17 Sep 2024 22:21:59 GMT
content-type: text/css
vary: Accept-Encoding
server: AmazonS3
last-modified: Wed, 10 Jan 2024 15:46:55 GMT
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 98ms
41ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4443, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: ec16tHEen7ZaPwitcDwjG0+84RP7JQRCV2FwtkUppLEi2aVMk/BVcDtwmbEKehe4Y8goSbzJNqaEjAhCQQlUlA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 58953
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
85 KB 118ms
116ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-670219055&l=dataLayer&cx=c

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78a847c5b0b84d3586e91acc4392b9ce679519f9ec1974bdec99b8ad499f4129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: br
expires: Wed, 18 Sep 2024 11:15:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 18 Sep 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 87074
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 search Show response
flagshipapi.boomtownroi.com/lc/1/listings/ 284 KB
32 KB 1073ms
201ms XHR
application/json 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://flagshipapi.boomtownroi.com/lc/1/listings/search?action=ajax_submit&access_token=0f3f2B0Z0T3S2z2A3I3s2K0L2q301r140-3B233J2c2K0x1x161i2m2S1G3H061s&VisitorID=4020448460&VisitID=5108788245&sort=importdate&status=A%2CCS&photo=1&LogSearch=true

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3c9d4b3bb778913bfa2b59527c6ed8d177266f6340626a662b703e0715472eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31535400; includeSubDomains; preload;
cache-control: private
x-aspnet-version: 4.0.30319
content-encoding: gzip
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-length: 32853
traceid: 6211577508471369728
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Microsoft-IIS/10.0
access-control-allow-headers: accept, Content-Type

GET
H/1.1

200
OK

Mid-Year-2024-report-cover-1600x900-4f57f1556c48b15eacefcc91d9bc4b80ee160cca-scaled.jpg
boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2024/07/
Redirect Chain

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2024/07/Mid-Year-2024-report-cover-1600x900-4f57f1556c48b15eacefcc91d9bc4b80ee160cca-scaled.jpg
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2024/07/Mid-Year-2024-report-cover-1600x900-4f57f1556c48b15eacefcc91d9bc4b80ee160cca-scaled.jpg

492 KB
493 KB

458ms
221ms

Image
image/jpeg

54.231.194.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2024/07/Mid-Year-2024-report-cover-1600x900-4f57f1556c48b15eacefcc91d9bc4b80ee160cca-scaled.jpg
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: HTTP/1.1
Server: 54.231.194.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a29a37ff1955f1a9907e049b638ad1b3acde227e90adb7d7ed155fc4ed2bed4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

x-amz-id-2: ZEdEGYn1whnto1XXLXBFei3f2ssaCRKeI/uoqRS09BDhpRazoIeKa5Caw1DicwNHdvrv8adH9bM=
ETag: "ca1153ddd6bc29d0d053ad2fccf960d7"
x-amz-version-id: null
x-amz-request-id: Y0H7CRAFVVHCJ137
Accept-Ranges: bytes
Content-Length: 504261
Date: Wed, 18 Sep 2024 11:15:57 GMT
Last-Modified: Wed, 31 Jul 2024 21:12:34 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

cache-control: public, max-age=864000
location: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2024/07/Mid-Year-2024-report-cover-1600x900-4f57f1556c48b15eacefcc91d9bc4b80ee160cca-scaled.jpg
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
x-timer: S1726658156.177698,VS0,VE1
age: 5978
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 138
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/html
x-served-by: cache-mxp6920-MXP
server: nginx
x-cache-hits: 0

GET
H2 200 p Show response
i.simpli.fi/ 809 B
769 B 52ms
44ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=38669&cb=sifi_att_2264691188191560._hp
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 90b27b2e6cc6aa7d222286826b251045224a9ecc2ac8a4d1a3ce93a0b54aee1e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: openresty

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
93 KB 60ms
59ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WJZQKH5W34&cx=c&_slc=1

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

34fab4665180ec1a2d27fdfcc38ffa44267953f3f324e291ca33e245799b041b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Wed, 18 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95098
date: Wed, 18 Sep 2024 11:15:56 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
96 KB 62ms
62ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6YGHGHC8EM&cx=c&_slc=1

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

095125b399d2fc7d102d379888ef62a509309e5055fb89fb2f80cf7fdca6297c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Wed, 18 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98071
date: Wed, 18 Sep 2024 11:15:56 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 138ms
48ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SK2113WW5W&gtm=45je4990v9113952651za200&_p=1726658155465&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1926013286.1726658156&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726658156&sct=1&seg=0&dl=https%3A%2F%2Fmarkrousso.ewmre.net%2F&dt=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&en=page_view&_fv=1&_ss=1&_ee=1&epn.tenantId=5902&epn.visitorId=4020448460&epn.visitId=5108788245&epn.isRegistered=0&epn.subdomainAgentId=187842&ep.homepageLayout=Hawkeye&ep.teaserTemplate=porthole-offset&ep.videoBackground=&epn.postId=1&ep.source=&tfd=2174
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://markrousso.ewmre.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 87ms
49ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZD8HKNH30V&gtm=45je4990v9177095165za200&_p=1726658155465&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1926013286.1726658156&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726658156&sct=1&seg=0&dl=https%3A%2F%2Fmarkrousso.ewmre.net%2F&dt=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&en=page_view&_fv=1&_ss=1&_ee=1&epn.tenantId=5902&epn.visitorId=4020448460&epn.visitId=5108788245&epn.isRegistered=0&epn.subdomainAgentId=187842&ep.homepageLayout=Hawkeye&ep.teaserTemplate=porthole-offset&ep.videoBackground=&epn.postId=1&ep.source=&tfd=2226
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://markrousso.ewmre.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 202599653819082 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 159ms
159ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/202599653819082?v=2.9.167&r=stable&domain=markrousso.ewmre.net&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

9d46868bf87920dc05f02f5336887e8f25a9986d6defa58189a414859790d833

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=74, mss=1232, tbw=67083, tp=62, tpl=0, uplat=117, ullat=0
pragma: public
x-fb-debug: pk935Of1VDxGQzd84z3HoLlANXJ2kXUmV8DKJ/qNeRAdjRqqOxvBr3D0+4TCmYmfAWilQipkRjszV8WaeAn0LA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 48ms
47ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1411102354&t=pageview&_s=1&dl=https%3A%2F%2Fmarkrousso.ewmre.net%2F&ul=de-de&de=UTF-8&dt=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAGAAI~&jid=779895705&gjid=603341098&cid=1926013286.1726658156&tid=UA-22147283-3&_gid=1873965290.1726658156&_r=1&_slc=1&gtm=45He4990n715BDFQVv71513647za200&cd4=&cd1=5108788245&cd2=0&cd6=porthole-offset&cd8=1&cd13=0&cd18=4020448460&cd43=5902&cd50=187842&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421&npa=1&z=1193049397

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://markrousso.ewmre.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
date: Wed, 18 Sep 2024 11:15:56 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 /
wp.prod.boomtownroi.com/fb-authenticator/ Frame 8967 0
0 465ms
194ms Document
text/html 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://markrousso.ewmre.net

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

Referer: https://markrousso.ewmre.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 18 Sep 2024 11:15:56 GMT
server: nginx
strict-transport-security: max-age=31535400; includeSubDomains; preload;
vary: Accept-Encoding

GET
H2 200 /
wp.prod.boomtownroi.com/fb-authenticator/ Frame 754D 0
0 634ms
169ms Document
text/html 204.232.141.225
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://wp.prod.boomtownroi.com/fb-authenticator/?domain=https://markrousso.ewmre.net

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

204.232.141.225 , United States, ASN27357 (RACKSPACE, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Request headers

Referer: https://markrousso.ewmre.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 18 Sep 2024 11:15:56 GMT
server: nginx
strict-transport-security: max-age=31535400; includeSubDomains; preload;
vary: Accept-Encoding

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=93D2EA6C386149D8B4B68CD0C6D83DF7

0
237 B

162ms
70ms

Image
text/plain

2600:9000:211e:b400:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=93D2EA6C386149D8B4B68CD0C6D83DF7
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Server: 2600:9000:211e:b400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
cache-control: no-cache, must-revalidate
x-cache: Miss from cloudfront
x-amz-cf-id: xd0Ckzw4pubpPO9CbOv-0VnrZ6SIiFzHZRZPxAlo_IZN1-_-agoRiQ==
date: Wed, 18 Sep 2024 11:15:56 GMT
x-amz-cf-pop: FRA56-C2
server: CloudFront

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=93D2EA6C386149D8B4B68CD0C6D83DF7
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 17 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

RX-67162859-9ad2-4062-8111-9554d195b241-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/93D2EA6C386149D8B4B68CD0C6D83DF7
https://sync.1rx.io/usersync/simplifi/93D2EA6C386149D8B4B68CD0C6D83DF7?zcc=1&cb=1726658156942
https://sync.targeting.unrulymedia.com/csync/RX-67162859-9ad2-4062-8111-9554d195b241-003

43 B
378 B

145ms
48ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-67162859-9ad2-4062-8111-9554d195b241-003
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Wed, 18 Sep 2024 11:15:57 GMT
content-length: 43

Redirect headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
location: https://sync.targeting.unrulymedia.com/csync/RX-67162859-9ad2-4062-8111-9554d195b241-003
date: Wed, 18 Sep 2024 11:15:56 GMT
pragma: no-cache
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=93D2EA6C386149D8B4B68CD0C6D83DF7&dongle=yf3

37 B
140 B

131ms
39ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=93D2EA6C386149D8B4B68CD0C6D83DF7&dongle=yf3
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://eb2.3lift.com/xuid?mid=7969&xuid=93D2EA6C386149D8B4B68CD0C6D83DF7&dongle=yf3
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 17 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=93D2EA6C386149D8B4B68CD0C6D83DF7

43 B
175 B

384ms
119ms

Image
image/gif

2600:1f18:612b:4280:1aa0:e7ab:14da:3634
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=93D2EA6C386149D8B4B68CD0C6D83DF7
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Server: 2600:1f18:612b:4280:1aa0:e7ab:14da:3634 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 18 Sep 2024 11:15:57 GMT
content-type: image/gif
server: nginx

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://simplifi.partners.tremorhub.com/sync?UISF=93D2EA6C386149D8B4B68CD0C6D83DF7
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 17 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=93D2EA6C386149D8B4B68CD0C6D83DF7
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=93D2EA6C386149D8B4B68CD0C6D83DF7

95 B
429 B

52ms
51ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=93D2EA6C386149D8B4B68CD0C6D83DF7

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 95
date: Wed, 18 Sep 2024 11:15:57 GMT
content-type: image/png
server: Jetty(11.0.13)

Redirect headers

strict-transport-security: max-age=31536000
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=93D2EA6C386149D8B4B68CD0C6D83DF7
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Wed, 18 Sep 2024 11:15:56 GMT
server: Jetty(11.0.13)

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=93D2EA6C386149D8B4B68CD0C6D83DF7
https://d.agkn.com/pixel/10751/?che=1726658156951&ip=80.255.7.105&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216663105009001846078
https://um.simpli.fi/aa_px?sk=216663105009001846078
https://um.simpli.fi/empty.gif

43 B
361 B

123ms
123ms

Image
image/gif

35.194.66.159
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Server

35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

159.66.194.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 43
date: Wed, 18 Sep 2024 11:15:57 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
location: /empty.gif
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-length: 142
date: Wed, 18 Sep 2024 11:15:57 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=93D2EA6C386149D8B4B68CD0C6D83DF7

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://um.simpli.fi/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:93D2EA6C386149D8B4B68CD0C6D83DF7

0
225 B

170ms
47ms

Image
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:93D2EA6C386149D8B4B68CD0C6D83DF7
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Wed, 18 Sep 2024 11:15:57 GMT
content-type: text/html; charset=utf-8
server: nginx

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:93D2EA6C386149D8B4B68CD0C6D83DF7
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 17 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

200

user-registering
ads.stickyadstv.com/
Redirect Chain

https://um.simpli.fi/freewheel
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=93D2EA6C386149D8B4B68CD0C6D83DF7

43 B
655 B

230ms
50ms

Image
image/gif

2607:ae80:192:1::176
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=93D2EA6C386149D8B4B68CD0C6D83DF7
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: HTTP/1.1
Server: 2607:ae80:192:1::176 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

Transfer-Encoding: chunked
Cache-Control: no-cache
Pragma: no-cache
x-sticky-vk: 1726658157057071-333
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Date: Wed, 18 Sep 2024 11:15:57 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=93D2EA6C386149D8B4B68CD0C6D83DF7
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 17 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

451

400646.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=93D2EA6C386149D8B4B68CD0C6D83DF7;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=93D2EA6C386149D8B4B68CD0C6D83DF7;mimetype=img;sr
https://idsync.rlcdn.com/400646.gif?partner_uid=8912989850806731202

0
42 B

50ms
50ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400646.gif?partner_uid=8912989850806731202
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 18 Sep 2024 11:15:57 GMT

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://idsync.rlcdn.com/400646.gif?partner_uid=8912989850806731202
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
anserver: gapp-eu-4.c.datonics-gcp-01.internal
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
alt-svc: clear
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
date: Wed, 18 Sep 2024 11:15:57 GMT
content-type: image/gif
server: Apache-Coyote/1.1

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=93D2EA6C386149D8B4B68CD0C6D83DF7&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=93D2EA6C386149D8B4B68CD0C6D83DF7&j=0&xl8blockcheck=1

0
767 B

58ms
57ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=93D2EA6C386149D8B4B68CD0C6D83DF7&j=0&xl8blockcheck=1
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: no-cache
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Wed, 18 Sep 2024 11:15:57 GMT
x-powered-by: Undertow/1
server: nginx
access-control-allow-credentials: true

Redirect headers

cache-control: no-cache
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=93D2EA6C386149D8B4B68CD0C6D83DF7&j=0&xl8blockcheck=1
access-control-allow-credentials: true
content-length: 0
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Wed, 18 Sep 2024 11:15:57 GMT
content-type: image/gif
x-powered-by: Undertow/1
server: nginx

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain

https://um.simpli.fi/yahoo
https://ups.analytics.yahoo.com/ups/55964/sync?uid=93D2EA6C386149D8B4B68CD0C6D83DF7

0
126 B

180ms
67ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55964/sync?uid=93D2EA6C386149D8B4B68CD0C6D83DF7

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.137 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Wed, 18 Sep 2024 11:15:57 GMT
age: 0
server: ATS/9.1.10.137

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://ups.analytics.yahoo.com/ups/55964/sync?uid=93D2EA6C386149D8B4B68CD0C6D83DF7
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 17 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=93D2EA6C386149D8B4B68CD0C6D83DF7

0
421 B

493ms
118ms

Image
text/plain

52.44.245.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=93D2EA6C386149D8B4B68CD0C6D83DF7
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: HTTP/1.1
Server: 52.44.245.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-245-245.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

Date: Wed, 18 Sep 2024 11:15:56 GMT
Connection: keep-alive

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://sync.bfmio.com/sync?pid=141&uid=93D2EA6C386149D8B4B68CD0C6D83DF7
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 17 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=93D2EA6C386149D8B4B68CD0C6D83DF7

62 B
443 B

311ms
198ms

Image
image/gif

72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=93D2EA6C386149D8B4B68CD0C6D83DF7
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
date: Wed, 18 Sep 2024 11:15:57 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://stags.bluekai.com/site/29931?id=93D2EA6C386149D8B4B68CD0C6D83DF7
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 17 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

404

tpid=93D2EA6C386149D8B4B68CD0C6D83DF7
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=93D2EA6C386149D8B4B68CD0C6D83DF7

49 B
265 B

175ms
53ms

Image
image/gif

52.211.71.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=93D2EA6C386149D8B4B68CD0C6D83DF7
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Server: 52.211.71.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-71-211.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: no-cache
pragma: no-cache
expires: 0
access-control-allow-origin: *
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 49
date: Wed, 18 Sep 2024 11:15:57 GMT
content-type: image/gif
x-server: 10.45.1.65
server: Jetty(9.4.38.v20210224)

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=93D2EA6C386149D8B4B68CD0C6D83DF7
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 17 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=93D2EA6C386149D8B4B68CD0C6D83DF7

0
223 B

179ms
56ms

Image
text/plain

63.34.208.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=93D2EA6C386149D8B4B68CD0C6D83DF7
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Server: 63.34.208.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-208-184.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

expires: Fri, 20 Mar 2009 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 18 Sep 2024 11:15:57 GMT
pragma: no-cache
vary: Accept-Encoding
x-merge: GDPR Optout true

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://ce.lijit.com/merge?pid=2&3pid=93D2EA6C386149D8B4B68CD0C6D83DF7
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 17 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=93D2EA6C386149D8B4B68CD0C6D83DF7

0
98 B

150ms
52ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=93D2EA6C386149D8B4B68CD0C6D83DF7
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 18 Sep 2024 11:15:57 GMT

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://idsync.rlcdn.com/419566.gif?partner_uid=93D2EA6C386149D8B4B68CD0C6D83DF7
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 17 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1726658156191&cv=7&fst=1726658156191&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1786512403&cv=7&fst=1726658156191&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLH...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1786512403&cv=7&fst=1726658156191&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHD...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1786512403&cv=7&fst=1726658156191&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDs...

42 B
64 B

105ms
55ms

Image
image/gif

142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1786512403&cv=7&fst=1726658156191&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgibx7EC&pscrd=IhMI5-nE8K7MiAMV_YqDBx2ryTgvMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL21hcmtyb3Vzc28uZXdtcmUubmV0Lw&is_vtc=1&cid=CAQSGwDpaXnfuP6x6ZepMfYYsMD3yl3dyoLXAR9EVA&random=3440790155&ipr=y

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 18 Sep 2024 11:15:56 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1786512403&cv=7&fst=1726658156191&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgibx7EC&pscrd=IhMI5-nE8K7MiAMV_YqDBx2ryTgvMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL21hcmtyb3Vzc28uZXdtcmUubmV0Lw&is_vtc=1&cid=CAQSGwDpaXnfuP6x6ZepMfYYsMD3yl3dyoLXAR9EVA&random=3440790155&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 18 Sep 2024 11:15:56 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 140ms
137ms Image
text/plain 35.194.66.159
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

159.66.194.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin: *
date: Wed, 18 Sep 2024 11:15:56 GMT
x-content-type-options: nosniff

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=93D2EA6C386149D8B4B68CD0C6D83DF7
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D93D2EA6C386149D8B4B68CD0C6D83DF7

43 B
1 KB

59ms
59ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D93D2EA6C386149D8B4B68CD0C6D83DF7

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.105; 80.255.7.105; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: e9e4cc97-8abd-4d5c-9e26-2062c55dcb77
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 18 Sep 2024 11:15:57 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D93D2EA6C386149D8B4B68CD0C6D83DF7
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 80.255.7.105; 80.255.7.105; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: f2d7d30e-89fa-4510-bf25-87c1a9e95372
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 18 Sep 2024 11:15:57 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=93D2EA6C386149D8B4B68CD0C6D83DF7&expires=365

0
239 B

181ms
42ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=93D2EA6C386149D8B4B68CD0C6D83DF7&expires=365
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Pragma: no-cache
Content-Type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=93D2EA6C386149D8B4B68CD0C6D83DF7&expires=365
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 17 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=93D2EA6C386149D8B4B68CD0C6D83DF7

43 B
264 B

146ms
48ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=93D2EA6C386149D8B4B68CD0C6D83DF7
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
date: Wed, 18 Sep 2024 11:15:57 GMT
content-type: image/gif
vary: Accept
server: OXGW/0.0.0

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=93D2EA6C386149D8B4B68CD0C6D83DF7
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 17 Sep 2024 11:15:56 GMT
access-control-allow-origin: *
content-length: 142
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 203ms
93ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 18 Sep 2024 11:15:56 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2 200 /
cdn.usefathom.com/ 43 B
427 B 60ms
59ms Image
image/gif 2400:52e0:1e00::1082:1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.usefathom.com/?h=https%3A%2F%2Fwww.ewmre.net&p=%2F&r=&sid=ZGTWRZTY&qs=%7B%7D&cid=23938436
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cdn-status: 200
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/plain; charset=utf-8, image/gif
cdn-cachedat: 09/18/2024 11:15:56
cdn-cache: MISS
cdn-requestpullcode: 200
cache-control: public, max-age=0
cdn-requestpullsuccess: True
tk: N
pragma: no-cache
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cdn-requestid: 410d2adbd553661eaaf03a953bda1fe2
cdn-pullzone: 506217
cdn-proxyver: 1.04
content-length: 43
cdn-edgestorageid: 1079
server: BunnyCDN-DE1-1082
cdn-requestcountrycode: DE

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 57ms
56ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WJZQKH5W34&gtm=45je4990v9123970927za200&_p=1726658155465&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=1926013286.1726658156&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fmarkrousso.ewmre.net%2F&dt=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&uid=4020448460&sid=1726658156&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_4=unregistered&ep.ua_dimension_11=4020448460&tfd=2384
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://markrousso.ewmre.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 50ms
49ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6YGHGHC8EM&gtm=45je4990v9125603811za200&_p=1726658155465&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=1926013286.1726658156&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fmarkrousso.ewmre.net%2F&dt=Berkshire%20Hathaway%20HomeServices%20EWM%20Realty&uid=4020448460&sid=1726658156&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_4=unregistered&ep.ua_dimension_11=4020448460&tfd=2405
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://markrousso.ewmre.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 990130191007447 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 135ms
134ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/990130191007447?v=2.9.167&r=stable&domain=markrousso.ewmre.net&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C130%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C123%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144%2C111

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

7910c0521ed8f078d17dbe4d3ad323eb2399de38816fafef0befe7b6ce61e268

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=87, mss=1232, tbw=83033, tp=78, tpl=0, uplat=94, ullat=0
pragma: public
x-fb-debug: BhM4LhNaEI6NnOR8dQ3jfQnEEH1+uqAgUOxQnXMsQWW1GLdK0J+UG/e145e5nu5HSbdEZv0G1zNE3vRADbvQGA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 129ms
42ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=202599653819082&ev=PageView&dl=https%3A%2F%2Fmarkrousso.ewmre.net%2F&rl=&if=false&ts=1726658156488&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726658156486.471299959419045945&cs_est=true&ler=empty&cdl=API_unavailable&it=1726658156304&coo=false&rqm=GET

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=2781, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
848 B 175ms
174ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=202599653819082&ev=PageView&dl=https%3A%2F%2Fmarkrousso.ewmre.net%2F&rl=&if=false&ts=1726658156488&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726658156486.471299959419045945&cs_est=true&ler=empty&cdl=API_unavailable&it=1726658156304&coo=false&rqm=FGET

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415940312420891238"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: TTM8NW+YPtMz4CAblBfdsr/eYUXR9dst6p0SZbP3UaBcGg0HaHAG1Yl++Ydp1KWQSgy1HWloZxoKq3STakLiDA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415940312420891238", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=13, mss=1297, tbw=6168, tp=-1, tpl=-1, uplat=133, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 ldp-template Show response
api.liveby.com/v1/pages/ 44 B
598 B 366ms
361ms Fetch
application/json 2600:9000:223d:cc00:11:93bc:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.liveby.com/v1/pages/ldp-template?clientid=ewm
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:cc00:11:93bc:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fd883a6168151dad1350c7eadd7c0b1657977ed6eb607e78c8291a4eecaa1cde

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: 'max-age=120'
content-encoding: gzip
x-amz-apigw-id: eTFxDE8TiYcEmxQ=
x-amzn-trace-id: Root=1-66eab66c-4513b1c778284fc27c5a4572;Parent=1c2f0aa4a32a0102;Sampled=0;lineage=1:5238436a:0
access-control-allow-credentials: true
x-amzn-requestid: a8fde9f4-4a5e-4a8f-89e6-b130c83572d7
via: 1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront), 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 64
x-amz-cf-id: c4DcS8s7gqWBYQu-OfEczch0sDX4Zk5cNZXMICBOB4UJK1uoXlB9dw==
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P7, FRA56-P3

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 40ms
40ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=990130191007447&ev=PageView&dl=https%3A%2F%2Fmarkrousso.ewmre.net%2F&rl=&if=false&ts=1726658156631&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726658156486.471299959419045945&ler=empty&cdl=API_unavailable&it=1726658156304&coo=false&rqm=GET

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=13, mss=1297, tbw=3204, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 160ms
159ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=990130191007447&ev=PageView&dl=https%3A%2F%2Fmarkrousso.ewmre.net%2F&rl=&if=false&ts=1726658156631&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726658156486.471299959419045945&ler=empty&cdl=API_unavailable&it=1726658156304&coo=false&rqm=FGET

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415940312099376895"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: /n1U5PTyR9Dki3bPSHTGIi5EX0PntSAgL2rVa/8PRkajOXytZcJ+/h/LsCISSog7FBihSkobXy7uknEFVfIrBQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415940312099376895", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=13, mss=1297, tbw=3351, tp=-1, tpl=-1, uplat=116, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 SuggestListings Show response
suggest.boomtownroi.com/1/ 2 KB
853 B 506ms
131ms Script
application/json 204.232.141.226
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://suggest.boomtownroi.com/1/SuggestListings?callback=jQuery360005847186825808359_1726658155753&tenantID=5902&q=&maxResults=15&type=all&visitorid=4020448460&_=1726658155754
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 204.232.141.226 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3858bbd8a42a3f4f7f42cb921c97134de33c4fdbf4c118a3a2bf497fa07d7590

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: private
x-aspnet-version: 4.0.30319
content-encoding: gzip
content-length: 656
traceid: 6211578251525840896
date: Wed, 18 Sep 2024 11:15:56 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Microsoft-IIS/10.0

OPTIONS
H2 200 profilesLogs
api.liveby.com/v1/pages/ Frame 0
0 360ms
359ms Preflight
application/json 2600:9000:223d:cc00:11:93bc:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.liveby.com/v1/pages/profilesLogs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:cc00:11:93bc:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://markrousso.ewmre.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,csrf-token
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-origin: https://markrousso.ewmre.net
access-control-max-age: 86400
content-encoding: gzip
content-length: 21
content-type: application/json
date: Wed, 18 Sep 2024 11:15:57 GMT
via: 1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront), 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-amz-apigw-id: eTFxHEYviYcEUqQ=
x-amz-cf-id: MHTMnEf9qtRI_o4OBuC13cez4VvHIktXBpzcinMRFnewjoNX7jhJSQ==
x-amz-cf-pop: FRA60-P7 FRA56-P3
x-amzn-requestid: fd5bcd27-07f3-4cad-8643-7492547d3fb7
x-cache: Miss from cloudfront

POST
H2 200 profilesLogs Show response
api.liveby.com/v1/pages/ 20 B
573 B 368ms
367ms Fetch
application/json 2600:9000:223d:cc00:11:93bc:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.liveby.com/v1/pages/profilesLogs
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:cc00:11:93bc:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json; charset=UTF-8
Referer: https://markrousso.ewmre.net/

Response headers

cache-control: 'max-age=120'
content-encoding: gzip
x-amz-apigw-id: eTFxKHXLiYcEpxw=
x-amzn-trace-id: Root=1-66eab66d-24a1a11606edcb2421196ce2;Parent=39f1ba66a4dcbd38;Sampled=0;lineage=1:588194c9:0
access-control-allow-credentials: true
x-amzn-requestid: 1b95a49c-c33a-4dac-9949-a5f6e477a0af
via: 1.1 b08e1d433d62b5ab056680968a8cc7ea.cloudfront.net (CloudFront), 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 40
x-amz-cf-id: B53mQBrJfLoGtzu2Mqd4Br0G5IL2EayROl5MsXiFI2eRizhCy3n92A==
date: Wed, 18 Sep 2024 11:15:57 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P7, FRA56-P3

GET
H2 200 nr-spa-1.266.0.min.js Show response
js-agent.newrelic.com/ 108 KB
31 KB 148ms
49ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.266.0.min.js

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2466cad59509908859124f92c1d9a358117a2e9231859ab82c854d986af17510

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://markrousso.ewmre.net
Referer: https://markrousso.ewmre.net/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "ad3dba456087d08c6f96b0af1901f44c"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 31930
date: Wed, 18 Sep 2024 11:15:57 GMT
last-modified: Tue, 17 Sep 2024 14:19:27 GMT
content-type: application/javascript
x-served-by: cache-mxp6952-MXP
x-cache-hits: 14993
vary: Accept-Encoding

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 0E25 0
0 147ms
67ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeoyN4UAAAAAJtIzwrzOAMknBZ6NSabe-uE2RWI&co=aHR0cHM6Ly9tYXJrcm91c3NvLmV3bXJlLm5ldDo0NDM.&hl=de&v=EGbODne6buzpTnWrrBprcfAY&size=normal&cb=q9eov9kmrp7l

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LaY9US-BOwQs-bgsJUKk6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://markrousso.ewmre.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-LaY9US-BOwQs-bgsJUKk6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Sep 2024 11:15:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 236 KB
85 KB 56ms
55ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-784324384&l=dataLayer&cx=c

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

91072e158acd8b07f65bd18d125edccbd0b8949623ba3b6c0696c59fcaac9233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

content-encoding: br
expires: Wed, 18 Sep 2024 11:15:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 11:15:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 18 Sep 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 86611
x-xss-protection: 0
server: Google Tag Manager

POST
H/1.1 200 7bce71ab19 Show response
bam.nr-data.net/1/ 175 B
632 B 582ms
486ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/7bce71ab19?a=15738311&v=1.266.0&to=ZlUBbRBSXUNSAhVQV18fIloWWlxeHAcTVlZFHRNYBVY%3D&rst=3931&ck=0&s=939c405db1869de1&ref=https://markrousso.ewmre.net/&ptid=5dd697b210d4d18a&af=err,spa,xhr,stn,ins&ap=373&be=1240&fe=2527&dc=942&at=ShIWG1hIThwRAEMDQ0xN&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1726658154061,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:622,%22c%22:622,%22s%22:747,%22ce%22:873,%22rq%22:873,%22rp%22:1240,%22rpe%22:1490,%22di%22:2181,%22ds%22:2182,%22de%22:2182,%22dc%22:3755,%22l%22:3755,%22le%22:3767%7D,%22navigation%22:%7B%7D%7D&fp=1816&fcp=1816
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a72da1efaf2483d765f99e47fc727539d32c1d76bf0fc1df9c03d99c4cbdb499

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://markrousso.ewmre.net/

Response headers

access-control-expose-headers: Date
timing-allow-origin: https://markrousso.ewmre.net
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
cross-origin-resource-policy: cross-origin
access-control-allow-origin: https://markrousso.ewmre.net
Content-Length: 175
date: Wed, 18 Sep 2024 11:15:58 GMT
content-type: text/plain
x-served-by: cache-fra-etou8220123-FRA

GET
H/1.1

200
OK

cropped-favi-b44ca17dae388839930b36af6b5b6a890c90e9ef.png
boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/
Redirect Chain

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/02/cropped-favi-b44ca17dae388839930b36af6b5b6a890c90e9ef.png
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/cropped-favi-b44ca17dae388839930b36af6b5b6a890c90e9ef.png

20 KB
20 KB

154ms
154ms

Other
image/png

54.231.194.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/cropped-favi-b44ca17dae388839930b36af6b5b6a890c90e9ef.png
Protocol: HTTP/1.1
Server: 54.231.194.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 501dc249a8cfc28bebb3ea0dbbfd0c165af33c5f10cc04c1e594fd3c2790abb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

x-amz-id-2: O9hCKhU9TniEpqy8z8iDDsKTEY2RcY8Zb50F58zsIhRboj+lBEupdgX9SQhXJv7v+0ra3Np65Cg=
ETag: "9cff22245ea4d0a7893b4ad03c6f49a9"
x-amz-version-id: null
x-amz-request-id: YK2CRTX3SWQG5NKD
Accept-Ranges: bytes
Content-Length: 20509
Date: Wed, 18 Sep 2024 11:15:59 GMT
Last-Modified: Wed, 15 Feb 2023 14:53:19 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

cache-control: public, max-age=864000
location: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/cropped-favi-b44ca17dae388839930b36af6b5b6a890c90e9ef.png
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
x-timer: S1726658159.541724,VS0,VE1
age: 165827
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 138
date: Wed, 18 Sep 2024 11:15:58 GMT
content-type: text/html
x-served-by: cache-mxp6920-MXP
server: nginx
x-cache-hits: 0

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 23F9 0
0 58ms
58ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=EGbODne6buzpTnWrrBprcfAY&k=6LeoyN4UAAAAAJtIzwrzOAMknBZ6NSabe-uE2RWI

Requested by

Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4m0gh7C4GUXlnoo5na9rzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://markrousso.ewmre.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4m0gh7C4GUXlnoo5na9rzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Sep 2024 11:15:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200 7bce71ab19 Show response
bam.nr-data.net/events/1/ 24 B
347 B 154ms
153ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/7bce71ab19?a=15738311&v=1.266.0&to=ZlUBbRBSXUNSAhVQV18fIloWWlxeHAcTVlZFHRNYBVY%3D&rst=4523&ck=0&s=939c405db1869de1&ref=https://markrousso.ewmre.net/&ptid=5dd697b210d4d18a
Requested by: Host: markrousso.ewmre.net
URL: https://markrousso.ewmre.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://markrousso.ewmre.net/

Response headers

Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin: https://markrousso.ewmre.net
Content-Length: 24
date: Wed, 18 Sep 2024 11:15:58 GMT
content-type: image/gif
x-served-by: cache-fra-etou8220123-FRA

GET
H/1.1

200
OK

cropped-favi-b44ca17dae388839930b36af6b5b6a890c90e9ef-32x32.png
boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/
Redirect Chain

https://bt-wpstatic.freetls.fastly.net/wp-content/blogs.dir/5537/files/2023/02/cropped-favi-b44ca17dae388839930b36af6b5b6a890c90e9ef-32x32.png
https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/cropped-favi-b44ca17dae388839930b36af6b5b6a890c90e9ef-32x32.png

722 B
1 KB

147ms
147ms

Other
image/png

54.231.194.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/cropped-favi-b44ca17dae388839930b36af6b5b6a890c90e9ef-32x32.png
Protocol: HTTP/1.1
Server: 54.231.194.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7e79bfffdbe652cd98be2c1ccc6a66759b4e40bd8881c52df551d79993596bff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://markrousso.ewmre.net/

Response headers

x-amz-id-2: r0BK193ikq/xh+/YUgdwcdfF4GYAGraG2o3Uvm8N0eTvyj5zYPBnw1qDm6NUAoVoE6yvWUnyn1c=
ETag: "945e84321d25fb226b286eeca4705040"
x-amz-version-id: null
x-amz-request-id: YK2176EDWJRKFJ6B
Accept-Ranges: bytes
Content-Length: 722
Date: Wed, 18 Sep 2024 11:15:59 GMT
Last-Modified: Wed, 15 Feb 2023 14:53:19 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

cache-control: public, max-age=864000
location: https://boomtown-production-consumer-backup.s3.amazonaws.com/5537/files/2023/02/cropped-favi-b44ca17dae388839930b36af6b5b6a890c90e9ef-32x32.png
x-boomtown-cache: bt-wpstatic.global.ssl.fastly.net
x-timer: S1726658159.751283,VS0,VE1
age: 165827
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 138
date: Wed, 18 Sep 2024 11:15:58 GMT
content-type: text/html
x-served-by: cache-mxp6920-MXP
server: nginx
x-cache-hits: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=93D2EA6C386149D8B4B68CD0C6D83DF7

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ewmre.net/	1970-01-21 08:23:14	Name: BoomTownAuth Value: Vm1zK1ErVUFXTy9mOHpnelBuTnZaZz09%3AISVn0KfA%2BP7Jie9%2F%2FXoqQQ%3D%3D
.ewmre.net/	1970-01-20 23:37:41	Name: BoomTownData Value: VisitID%3D5108788245%26OriginalUrl%3Dhttps%253A%252F%252Fmarkrousso.ewmre.net%252F%26Referrer%3D%26IsRegistered%3D0%26FirstName%3DGuest%26LastName%3DVisitor%26Username%3D%26FavoriteCount%3D0%26ActiveSearchCount%3D0
.markrousso.ewmre.net/	1969-12-31 23:59:59	Name: BoomTownCustomPageId Value: direct
.ewmre.net/	1970-01-20 23:39:04	Name: _gid Value: GA1.2.1873965290.1726658156
.simpli.fi/	1970-01-21 08:24:40	Name: suid Value: 93D2EA6C386149D8B4B68CD0C6D83DF7
.ewmre.net/	1970-01-20 23:37:38	Name: _gat_clientAccount Value: 1
.ewmre.net/	1970-01-20 23:37:38	Name: _gat_customAccount Value: 1
.ewmre.net/	1969-12-31 23:59:59	Name: LastSearch Value:
.ewmre.net/	1970-01-21 01:47:14	Name: _gcl_au Value: 1.1.1291727060.1726658156
.simpli.fi/	1970-01-20 23:47:42	Name: uid_syncd_secure Value: true
.ewmre.net/	1970-01-21 09:13:38	Name: _ga_SK2113WW5W Value: GS1.1.1726658156.1.0.1726658156.0.0.0
.ewmre.net/	1970-01-21 09:13:38	Name: _ga_ZD8HKNH30V Value: GS1.1.1726658156.1.0.1726658156.0.0.0
.ewmre.net/	1970-01-21 09:13:38	Name: _ga Value: GA1.2.1926013286.1726658156
.ewmre.net/	1970-01-20 23:37:38	Name: _gat_UA-22147283-3 Value: 1
.ewmre.net/	1970-01-21 09:13:38	Name: _ga_WJZQKH5W34 Value: GS1.2.1726658156.1.0.1726658156.0.0.0
.ewmre.net/	1970-01-21 09:13:38	Name: _ga_6YGHGHC8EM Value: GS1.2.1726658156.1.0.1726658156.0.0.0
.ewmre.net/	1970-01-21 01:47:14	Name: _fbp Value: fb.1.1726658156486.471299959419045945
.doubleclick.net/	1970-01-20 23:37:39	Name: test_cookie Value: CheckForPermission
.1rx.io/	1970-01-21 08:23:14	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-67162859-9ad2-4062-8111-9554d195b241-003%22%7D
.agkn.com/	1970-01-21 08:23:14	Name: ab Value: 0001%3ApxO3sXuERpgrgusuLK1bl2NoOGG1nP%2Fg
.tapad.com/	1970-01-21 01:04:02	Name: TapAd_TS Value: 1726658156947
.tapad.com/	1970-01-21 01:04:02	Name: TapAd_DID Value: 7fafba3f-f998-4635-8fa0-fd4efb562c6f
.tapad.com/	1970-01-21 01:04:02	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-21 01:47:14	Name: XANDR_PANID Value: hKR5qkZR6tuTrSoLnpWF193km5iVL0jRL4E2zOlLjmmJq1XUGUrTvlNTzUhFMuY8x5T4X6rQWX7t88wilq5MiAUoka27xX_vxbET4SyxN1E.
.adnxs.com/	1970-01-21 09:13:38	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 01:47:14	Name: uuid2 Value: 82610295507014648
.pro-market.net/	1970-01-21 03:56:50	Name: anProfile Value: "1vpsv7n9by94y+1+1f=1+1g=1+1j=41+rs=s+rt=2A0104A0133800920000000000000007+s2=(sk09yl)+vm=24-93D2EA6C386149D8B4B68CD0C6D83DF7"
.pro-market.net/	1970-01-21 00:20:50	Name: anHistory Value: "1vpsv7n9by94y+2+!#7%/$x#Sf%"
.exelator.com/	1970-01-21 02:30:26	Name: EE Value: "4e56684dfb254d3787ebbcbba5ca7b86"
.targeting.unrulymedia.com/	1970-01-21 08:23:14	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-67162859-9ad2-4062-8111-9554d195b241-003%22%7D
.ads.stickyadstv.com/	1970-01-21 00:20:50	Name: UID Value: e5225a483f85d87ce0434a891cdf2757
.ads.stickyadstv.com/	1970-01-20 23:39:04	Name: uid-bp-26865 Value: 93D2EA6C386149D8B4B68CD0C6D83DF7
.agkn.com/	1970-01-21 08:23:14	Name: u Value: C\|0AAAAAAAALn1y7QAAAAAA
.adnxs.com/	1970-01-21 01:47:14	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2E?hp4._@!]tbPl1N!7On*M$=BX)2eU9X[gm>]hglA?ZeTXf<fnv[XeTG3ReTY=Lh!=5tVtW7w/X%W#.wL4W1Qw2R8Wg#8
.exelator.com/	1970-01-21 02:30:26	Name: ud Value: "eJxrXxzq6XKLQcEk1dTMzMIkJS3JyNQkxdjcwjw1KSk5KSnRNDnRPMnCbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIckl%252BUWb6IhfXxUUpaQyLSopPBZ9kygEA0DAqaw%253D%253D"
.bluekai.com/	1970-01-21 03:58:16	Name: bku Value: blx99sttbZjtWZAe
.bluekai.com/	1970-01-21 03:58:16	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEApHeJaxEje1pQt1Ex8HeCYBW/tmWBW1W1tHeQpHWRl9y9oN9Fc
.bfmio.com/	1970-01-21 08:23:14	Name: __141_cid Value: 93D2EA6C386149D8B4B68CD0C6D83DF7
.bfmio.com/	1970-01-21 08:23:14	Name: __io_cid Value: 114569c4b411b920428c0c04a112a3f6cb1d6437

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://markrousso.ewmre.net/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=93D2EA6C386149D8B4B68CD0C6D83DF7 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=93D2EA6C386149D8B4B68CD0C6D83DF7 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/400646.gif?partner_uid=8912989850806731202 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31535400; includeSubDomains; preload;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.stickyadstv.com
api.liveby.com
bam.nr-data.net
bcp.crwdcntrl.net
boomtown-production-consumer-backup.s3.amazonaws.com
bt-wpstatic.freetls.fastly.net
cdn.usefathom.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
flagshipapi.boomtownroi.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js-agent.newrelic.com
loadm.exelator.com
markrousso.ewmre.net
pages.liveby.com
pixel.rubiconproject.com
pixel.tapad.com
region1.google-analytics.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
stags.bluekai.com
static.boomtownroi.com
stats.g.doubleclick.net
suggest.boomtownroi.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.simpli.fi
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
wp.prod.boomtownroi.com
www.ewmre.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
sync.intentiq.com
13.248.245.213
142.250.181.227
142.250.184.196
142.250.185.168
142.250.186.110
142.250.186.130
157.240.0.6
162.247.243.29
172.217.18.98
172.217.23.98
18.193.63.175
185.64.191.210
185.89.210.90
2001:4860:4802:32::36
204.232.141.225
204.232.141.226
2400:52e0:1e00::1082:1
2600:1901:0:8eee::
2600:1f18:612b:4280:1aa0:e7ab:14da:3634
2600:9000:211e:b400:1b:5138:8a40:93a1
2600:9000:223d:cc00:11:93bc:4f40:93a1
2600:9000:2724:a00:a:6937:9340:93a1
2602:816:5001::39
2607:ae80:192:1::176
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2008
2a00:1450:4001:81c::2003
2a00:1450:400c:c00::9c
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::591
3.121.124.19
3.75.62.37
34.111.113.62
35.194.66.159
35.234.162.151
35.244.159.8
35.244.174.68
46.228.174.117
52.211.71.211
52.44.245.245
54.231.194.177
54.78.254.47
63.34.208.184
69.173.144.139
72.246.169.24
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
095125b399d2fc7d102d379888ef62a509309e5055fb89fb2f80cf7fdca6297c
0a36bbc4571595d89f077de130041f7673795dee9390aa7699d612838d322a6e
0a75aaef9be6d97f9e9974e16297fe491e4f7ccac6f7441013372d69550fc2b2
0aee617704eccb0f4dd644b994ca0eb698800bb3a6978c19f8202f17e5ceb19a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c178741a34e6c29013714d1b48ba987fbda1fd0570b3a0ff7e505ca3d3b99f3
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
12b4b3d3e75063715e88c3ea4df748c6b57c1de49ac6c8291dc333459f5e9f04
152912e109dc49161717407bccb672669982e04a35df96afa574533c15a1950a
1c0d144432b6d24a195bdebab10fc83d01d9f3403326accd6537cf93020ad658
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2003fc07084ad7f3b2805ebae45f9c10101df5c259c848e2a51275271af43285
2466cad59509908859124f92c1d9a358117a2e9231859ab82c854d986af17510
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2d4bcf257e1d85cc65152b9558dd64c189f22439e0dc8ad946ee42981d7d6133
2f4aafa24c3919ed8d6a22c605ed2161b592b0b8e22aa100c3560590c9603648
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
34fab4665180ec1a2d27fdfcc38ffa44267953f3f324e291ca33e245799b041b
3858bbd8a42a3f4f7f42cb921c97134de33c4fdbf4c118a3a2bf497fa07d7590
3a9c8f47d224673f34eb7c855b21b764bc031e62ce08b51e755bb392d6ff8b9c
3c165d7bdcae3acbb1769917e45538025d526f2145ef926b851def47c1fe9845
3c9d4b3bb778913bfa2b59527c6ed8d177266f6340626a662b703e0715472eb1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
484a827bdf834ea25fca6fdd0f02bfad413d976b9f10c8ff0f6d926d5f28af1e
4927b7da535c5807c37389f0bbb54116b35cdc2f86a7a74d47175dee008c01d8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6d10f859aeaa89e692d2a1f457495e20bb1d5e614abdf52286fa7aaf64ef85
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
501dc249a8cfc28bebb3ea0dbbfd0c165af33c5f10cc04c1e594fd3c2790abb3
5690d9f5745b42e9c6f76d6941ef4f7e689b3fa7c0e8575d5a7e509a34a692f2
56c8b344ed0f0ee529e4b1ecd1f04f52b34d9bf9aa087dd661bbddab6559b766
5734967e3d637b206f75eac14c4e4d1c1143a293c827a8fc680dc29feedabce4
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d9920c945af94bbf49a05492579854a6a97c4ddf22ce58be50165d238cb9ffd
5ed65febf55a73d2553a28f0921762571de7fd9acc59a3e3c56e973da07d0adb
60b04299bc904d73c55d87ef6351383918bb808b05380fe8e7787af72d53d243
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
64d8dab2a4c7b936426b195bb2224bb4af8dd9f32657db2520474393241bfe5f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e2034fdf63bd07647ad1c842ffaa0620d9fc1f76d133f02335b9d95052ae825
738c9c106c9773cb7d47e0a37d2feebe5158521b03f01d37670241d8f2f101fa
7888ffcea333c718549f8cca260ec422d5ad5583d6cb32c049f61b57ecc395f0
78a847c5b0b84d3586e91acc4392b9ce679519f9ec1974bdec99b8ad499f4129
7910c0521ed8f078d17dbe4d3ad323eb2399de38816fafef0befe7b6ce61e268
7b71af20c1db935d7faca66f4b4c9a40a979b60a8b407db9d7ebca52c5f135b5
7ba88dd30b48d89de057c795a683f56ab5809da9a9ddc62cb1bd623678c926a5
7d8612b7632809e93dec66fee62d688a8cd5d1f7a69b1f6bd3b4b7e6ca7ea0d3
7e79bfffdbe652cd98be2c1ccc6a66759b4e40bd8881c52df551d79993596bff
8818c0110e1dfd7e51b8ff12137df7af01ea18e62e8be0ad888747fd39e441ca
8f4ef07c6cd0a859433381fd3143ea73511b858320c74fe8bb088c16d19eb61d
90b27b2e6cc6aa7d222286826b251045224a9ecc2ac8a4d1a3ce93a0b54aee1e
91072e158acd8b07f65bd18d125edccbd0b8949623ba3b6c0696c59fcaac9233
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
92c979bf04b65260a95f5d6f97db5a5a0e18b93d7a9b85efef2a0c0d328a4933
94f5196fd2a0e77ac5f6bbf268c53e36d4fc6bfe33cca0e3ca31fe4fb675a97b
99b209c1e0aa2cb29ffb56e0870ede333bc67cc3dbe8526365054936ddd09fae
9d46868bf87920dc05f02f5336887e8f25a9986d6defa58189a414859790d833
9de4339446cddeb1113b2fc32e344435fa23fe5d2266882003fddbd39daa4472
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a16ff0d2c5f9b1dea2d4fa58a31da274ba956dc849ace164ad95c90b20f74a63
a29a37ff1955f1a9907e049b638ad1b3acde227e90adb7d7ed155fc4ed2bed4c
a3ae855a1a1f68214dc9d631e16673bda77c9647161c23c8ca6bc255aee384e3
a454a2f6c753dfa1f31cc7f4a732dc5e81f523c265c4e2cd0350b8e5218c3028
a72da1efaf2483d765f99e47fc727539d32c1d76bf0fc1df9c03d99c4cbdb499
a7ad2666cfdc2495ef3849d47ea1144f4a493efffa9aeeb4448e60488aec66d3
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
afb22929459f47664cc10ab35232bc2b231481cb6643a284dc0e1caeee156f7e
b1ac9bbe6ebc1d737190ab70a23541cdf5d4a1834974f6daf1fe1bcb8bee4492
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbfdb2e14b88ca2a16054bd2bc69fb27815db2254b6fd4f045176dcf125971fd
c5c2b8dd7b4560e7aa542d8a0179946f1220e84687db982751348af46abe494e
cf3b90b16144827f626d7136c588b74acfc27debbbb39ccb16d42dd9350510da
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dbf6e49525bb130e0c98c022d0aab07510b285a9dd9e9b1904efa4eac6b2adcd
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
dd6d3bf0cbe180733d258dc372f0f66b5b38e930dbcdfb7300972df70c6d1994
de22013b68779c5df28bb2aa0d882e37a25355d137d961cf58051e85b568a5e8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ca95529ce0c9b0391ae03c2b475fb31594ed999de8dbf27fbff4233f395603
e346fbfb9c5998222c21d4dd2886d756cc23eb90318cdf6b6936762ef9c470e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b94513337c4622e2b03f98f16e4839866ba8f13c64a0a96b8eda8c7640e034
e847956b503576224a4fa62c6f26b174c83829205106a93c5bca0b252bf2df88
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e929d1aed85e732d87f877dc4a9d2632434f5dab2a425b853efbe579d6d874ef
ee834d7ff4fd391065c6d4cf520af5339e7481f376f5a73a7a59cc280295cf5a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6bf33cc79f76672d7e2ebb2e5f5cc8a7781be3fcf729b9eeba2d95860969242
fbf1edaff78cebae184df8f88e7e9a90dd41f47a480a7909c1c9dc59e49eedea
fd883a6168151dad1350c7eadd7c0b1657977ed6eb607e78c8291a4eecaa1cde

markrousso.ewmre.net Open in urlscan Pro 204.232.141.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

124 Requests

77 %HTTPS

33 %IPv6

39 Domains

50 Subdomains

41 IPs

6 Countries

7982 kBTransfer

13810 kBSize

39 Cookies

29 Outgoing links

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

markrousso.ewmre.net Open in urlscan Pro
204.232.141.225 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

77 %
HTTPS

33 %
IPv6

39
Domains

50
Subdomains

41
IPs

6
Countries

7982 kB
Transfer

13810 kB
Size

39
Cookies

124 HTTP transactions
1 data transactions