urlscan.io logo urlscan.io
SecurityTrails logo

d6qm1aiyr8d4l.cloudfront.net Open in urlscan Pro
18.161.34.88  Public Scan

Go To Rescan Add Verdict Report
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Submission: On January 01 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 8 domains to perform 66 HTTP transactions. The main IP is 18.161.34.88, located in United States and belongs to AMAZON-02, US. The main domain is d6qm1aiyr8d4l.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.
This is the only time d6qm1aiyr8d4l.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

35    18.161.34.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-34-88.bos50.r.cloudfront.net
d6qm1aiyr8d4l.cloudfront.net
1    2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2607:f8b0:4006:808::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
2    2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:4006:806::200a (United States)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
3    2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c0b::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
35 cloudfront.net
d6qm1aiyr8d4l.cloudfront.net
6 MB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
224 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
firebase.googleapis.com — Cisco Umbrella Rank: 4828
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 373
4 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
255 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 266
www.google.com — Cisco Umbrella Rank: 6
1 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
5 KB
3 gstatic.com
fonts.gstatic.com
64 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
66 8
Domain Requested by
35 d6qm1aiyr8d4l.cloudfront.net d6qm1aiyr8d4l.cloudfront.net
8 pagead2.googlesyndication.com d6qm1aiyr8d4l.cloudfront.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 www.googletagmanager.com d6qm1aiyr8d4l.cloudfront.net
www.googletagmanager.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
2 analytics.google.com www.googletagmanager.com
2 firebaseinstallations.googleapis.com d6qm1aiyr8d4l.cloudfront.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 firebase.googleapis.com d6qm1aiyr8d4l.cloudfront.net
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 fonts.googleapis.com d6qm1aiyr8d4l.cloudfront.net
66 13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
play.google.com
apps.apple.com
Subject Issuer Validity Valid
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://d6qm1aiyr8d4l.cloudfront.net/
Frame ID: DDA08B610D89EE41B116055A78216514
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 52FBA1E58340A53DF5A18DDAB3E9CFD8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7268821145407068&output=html&adk=1812271804&adf=3025194257&lmt=1672903505&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fd6qm1aiyr8d4l.cloudfront.net%2F%23%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704143279041&bpp=4&bdt=465&idt=351&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2447071794955&frm=20&pv=2&ga_vid=933681321.1704143279&ga_sid=1704143279&ga_hid=1404358807&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2407222712714955&tmod=2106779585&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=387
Frame ID: 460A2EDDFE77798C460A29192DB3580D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A082A76699A4A91B79A2A665247FED3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 606507D0AED2D45C7D1883AC74C8F593
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Animal Track

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <div class=(?:"|')[^"']*elementor
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

66
Requests

100 %
HTTPS

92 %
IPv6

8
Domains

13
Subdomains

14
IPs

2
Countries

6773 kB
Transfer

7707 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
d6qm1aiyr8d4l.cloudfront.net/ 		10 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbb693ef3dfb3fcda0b4bc05bf84b3bb18e2f304dcfa23c9d80f11336aded2bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
10439
content-type
text/html
date
Mon, 01 Jan 2024 21:07:59 GMT
etag
"afa1f619adf77dc6b7332105f4ce55d9"
last-modified
Thu, 05 Jan 2023 07:25:05 GMT
server
AmazonS3
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
x-amz-cf-id
FujJZcDzBhlYtSfy_7cT_lc_dlCTnI8ArQpwkJR2e9vbYXBrRhfKlw==
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
css
fonts.googleapis.com/ 		75 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.7
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
002041cb2223cdcce64c34aedd9026a4f4f3fa81b5e83070bad6bc35068bd8cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jan 2024 21:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jan 2024 21:03:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jan 2024 21:07:58 GMT
jquery.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-includes/js/jquery/ 		162 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3384dab4ea6b1b27df4a967c6556bcc7d6f08a296ba69511576e11beb9a8e16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"cb972f0ae0219597be5e7d8a74feaca9"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
165837
x-amz-cf-id
OPbKPM0zKw-AOTLRM1_vxhkzClmLDrSps577tG7-pAMyVq52jQlSZg==
jquery-migrate.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-includes/js/jquery/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81ded0538dfc66bf3ddc059897ff65bf06449abb616bc7a8ed03c5f5a3d14d33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"0fbe83d35d864b443a960b5edea6683a"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
18940
x-amz-cf-id
x40nPVUEIlXAatRqAsYsQ7KhBofG8UGTYFri4XmGW9VNywk-TRNkCg==
she-header.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/sticky-header-effects-for-elementor/assets/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/sticky-header-effects-for-elementor/assets/js/she-header.js?ver=1.4.3
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e976268fc5af78cf8e84752279db0554cccc76dec052b70266f9d31327195e8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"b4c8e6dc45a1a923844b0ed74174f69d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
8167
x-amz-cf-id
gkVKlePL3U653KeCTzzAhe4cMOp4aObGBWaQgBZmcsYac7K6vWa1oA==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb779fe8a635ff9bc451f51b62afec21d0baf272d27ca19f113199181f1a80c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51191
x-xss-protection
0
server
cafe
etag
16815586633893164433
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 21:07:58 GMT
js
www.googletagmanager.com/gtag/ 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-189323392-1
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58a5574936c9acef8bd32e12011fd2f70826c75d5b27248327bb9f934b29feae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
64892
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 2024 21:07:58 GMT
main.56b5fed3.js
d6qm1aiyr8d4l.cloudfront.net/static/js/ 		484 KB
485 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/static/js/main.56b5fed3.js
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49bcf8b14a59ac921514d5d4039ad0e9d3969798eb2f6c40eaca867f8e9c15b8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:05 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
etag
"d5f229ecbf5c4fa6fa60f65cad28dd70"
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
495957
x-amz-cf-id
L7XDAfCVjJ_tb76DZSOXYzr0ab2G1u7y7yNnJN3ip1I0m_dO6Mhlug==
main.7d41f68b.css
d6qm1aiyr8d4l.cloudfront.net/static/css/ 		1 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/static/css/main.7d41f68b.css
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9cb0efaf15ccbc4deef61c7783145cdc1c027b1ce6a323f432ba644ec9ab3ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:05 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"105a917be53382780ecbe4f1e433c0aa"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1141056
x-amz-cf-id
RIWkXkgkgfoxjl32gn3DZCgaWYj_q12aLFmL0_Net54NPBuQVMVi0w==
primary-navigation.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/themes/twentytwentyone/assets/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/themes/twentytwentyone/assets/js/primary-navigation.js?ver=1.2
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6bed5b4acb8be5c93a928c5925b05f47cc6072b0bc3da58c4feae08a47057529

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"016977fe13bc93e2c242211cddab1e96"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
6153
x-amz-cf-id
_55CUpDQq8o89zpznRzMkEYSotAtM1pKWrgD0xlROJzBB5BMNndpJg==
responsive-embeds.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/themes/twentytwentyone/assets/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=1.2
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d36eb4a9cdc1ef40b6aec8ee4382d4fd4ef8df2208602f5243c17c34740e4fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"0e9dfae997c7e7546669126002713bcc"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1185
x-amz-cf-id
P83gMQVI1X_RI6id87NN9nYf4tyP5P7GaqPKIlPD9zf4Biv2ipRldQ==
wp-embed.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-includes/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-includes/js/wp-embed.min.js?ver=5.7
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6e5db18434e5778c2f46d968faa193ff3509f95d08b3641a76370a3aa091243

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"6754eb94d3628e3e380c306280e8deb0"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2568
x-amz-cf-id
VlbSxwJdjI1s_mvoAjdKw35FZqOwxCWG3YXF-HR6Rep9bxtX1_N0vw==
jquery.smartmenus.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 		45 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
550a8b5a17891d66794b89e7d40571ea19a2fa12c4c628ab0f43566f987d54a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"b473787fb334637aba5ad70340ca2194"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
45603
x-amz-cf-id
kf1YZU6cG-kuUhoIr-elsGFVl6V0Szy0BPXAbnZyo82HiouM43VrLw==
velocity.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/float-menu/assets/js/ 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/float-menu/assets/js/velocity.min.js?ver=3.4
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f018bc5c3a7b8d83aca09d4853358acaf6ef36e2bf74e6ca6d6058f0293477c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"18bd5b68285fd920be9f783fc8f670b4"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
95107
x-amz-cf-id
7g1DCksWUEtLGk11CrYGjjwuMveNlE2s-52dR49uVYdGreoLTpsePg==
floatMenu.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/float-menu/assets/js/ 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/float-menu/assets/js/floatMenu.min.js?ver=3.4
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53cfbfd50aa7637710ee2620656551458bb87a3b695b035198a8230034de3bae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"bad72b7e5954f5ce2891c99c61f186bc"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
34143
x-amz-cf-id
OzyI0EutpKybT4xWOJR58Cp3l0mGA0AGe3WvqHRHmKxSiQr-VPUgng==
webpack-pro.runtime.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor-pro/assets/js/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.2.1
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
519ace88e9f248b30cd11050abd93e8e40a6483c2b3ff9e2258979245ea01c44

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"decac5ebc163756c373cd1dff6845382"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
8695
x-amz-cf-id
WmY_2v5nLo6m2L-BhioZdptgW04X4001DrEc8h7teEhpVMpYP5tpww==
webpack.runtime.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.1.4
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04fcb281d08024e404dfe878eac62e8dd149931293f58bad7c4505ca20b2076e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"e8936d3b6d42cf81c51c7c76f558092d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
7398
x-amz-cf-id
9wY_ee_HMjQ5nSBAenX5U9IVOUZzIe2cxZVnuXaW4ln7TktyN_Blrw==
frontend-modules.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/js/ 		122 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2242674a6615c51da3670731853f624263d060b1af2d5ee1d8f7611c513e8a97

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"152e5ca79b92f06957f97c6232f26b31"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
124546
x-amz-cf-id
zcQUBLUvYj-tLql7T_c55cRRZb0blrsgi2QyPtMUIECKOCzeuEsf6w==
jquery.sticky.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor-pro/assets/lib/sticky/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.2.1
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b53f0d290a1b8a2649ef27bd2753a9be089393acf122409ab6dadeb4494442cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"92996b5ff7a7bf4f0073e2f745deb0ee"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
9269
x-amz-cf-id
Aqqiwa0Ac5Enc7EFnXdPJOiw9RBVdf9HmObHXimbXAcExTQqgC5r_w==
frontend.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor-pro/assets/js/ 		109 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.2.1
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63ceeaf000645bd9a450a750cadca848be206da53afdc5132b0a2516f9f1c5ac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"51aa2a8a86f5111fa03f88df9de15ebd"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
111609
x-amz-cf-id
vxS9Q-cUGUvqFQ68XGU-PtDUWZuzehezeLqITUXD1ndbGyZEB719fw==
core.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-includes/js/jquery/ui/ 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2785419365f3cd460ccdc6b58ef71540e46c7c16c6138b8c3329fc1532083cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"7a3df015e2dd6b3190eae663ba513b61"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
35369
x-amz-cf-id
9F2VSTL2D8BBUszjgHI_mPDhXSOLCjkL5LM6ZwRUDL-ob5CVZTLngw==
dialog.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/lib/dialog/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2acaef9f84fb6064f5ea42701c696866d710339bae7844ca5b481dfefb3903f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"1585356f2cd846430a4d8b527cb1adfd"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
18194
x-amz-cf-id
7Mn9cGdjA2PUc89rGNCaTOwTad6UEW3mQTFT9JQNXaeHTjaH2KrS9A==
waypoints.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/lib/waypoints/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fdfff6040ad7a174d1b5402c13d8ab663c80a0760324701a11d231b43ab6683

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"5122a4647be891b2f88b64e42ed1a3aa"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
17525
x-amz-cf-id
SW2QPdZKqGvy3Jn4G1yDDog2VVjDlvvNN3_PZEJgEAiQVQmQgSt51w==
share-link.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/lib/share-link/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.1.4
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afcb1a6c081082baa42424c4597449ce2a939960bb52195a9bed327dbef73734

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"0780f8a1f0e233053149bc910e267ab6"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3810
x-amz-cf-id
1jOB3wTsukVyTpXdW-vsUP_q83j8qVupPFQNYPcajE6GBOZJxeFTTQ==
swiper.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/lib/swiper/ 		235 KB
236 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
186b62e048da2d4ca832c115cd6666861ff530b77349293704ba785e0b545e51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"fc2f38dfac9e887962deea630055c5e7"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
240634
x-amz-cf-id
vjsN9HjlvUcK73C-Od9_1LuH0ebctQuz1h69CnqVTra2MyhRjTlLbw==
frontend.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/js/ 		156 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.1.4
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e6f92106057c0368d54365338469975f7b8422abb829bd1d4a6e2b99839b6a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"bafbdceba5fd1f44a505dfc7eeb13f90"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
159294
x-amz-cf-id
8ap7L2427B9CJq-W16VUFVW1HivzGA9ame-cynaFK1pnQhlYuv__og==
preloaded-elements-handlers.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor-pro/assets/js/ 		304 KB
305 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.2.1
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c03c4400712a61d2ebec24e24cb15c437540795caa210c681c9cd7bf0c1c29d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"d5398847ede6cc901dec77f3488fb622"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
311289
x-amz-cf-id
nu_cxlDrreks3zyRYnhas_QL0p5A_JB0spSwYFRIYKuRD3y1-qgKAQ==
preloaded-elements-handlers.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/js/ 		77 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-content/plugins/elementor/assets/js/preloaded-elements-handlers.min.js?ver=3.1.4
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f367c8b19750e379ae6d97ee054e3081299620efdc89f3e9149dbe75cd14ba8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 85e38bafc31e795ecd97a354de2a588a.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"97bbd7e34b47628632ab773fd7072acf"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
79358
x-amz-cf-id
GwykwPPPaWTg4Pwm8zQt-s31NrIkrBHLkFnKZ6PtwQ9zXWPLekRhww==
wp-emoji-release.min.js
d6qm1aiyr8d4l.cloudfront.net/wp-includes/js/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/wp-includes/js/wp-emoji-release.min.js?ver=5.7
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e88b137390c5af3eb06ee7b08f195ccdd4405a3818112e9dce8b26bee28d70c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
etag
"2bdf120dbbc0ca665280a1a6029a3715"
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
19293
x-amz-cf-id
rFgzIM2AdcEsJIa2SoDnu-wBBAMki4K3GZlJkJ7xrBwIFilJ6YnPYA==
gtm.js
www.googletagmanager.com/ 		112 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5W3SW2R
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5a48221dcce1555313842702d8de858bd065afe98354f2a0ce59c6f2b14f81c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44422
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 2024 21:07:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d6qm1aiyr8d4l.cloudfront.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 08:15:11 GMT
x-content-type-options
nosniff
age
478367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 08:15:11 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137920
x-xss-protection
0
server
cafe
etag
5399571436788735572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 21:07:59 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 52FB 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d6qm1aiyr8d4l.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
8127
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 18:52:32 GMT
etag
5585625838579639069
expires
Mon, 15 Jan 2024 18:52:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d6qm1aiyr8d4l.cloudfront.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:06:49 GMT
x-content-type-options
nosniff
age
532870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 17:06:49 GMT
fa-brands-400.37913cdf7cb0571dfac0.woff2
d6qm1aiyr8d4l.cloudfront.net/static/media/ 		76 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/static/media/fa-brands-400.37913cdf7cb0571dfac0.woff2
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/static/css/main.7d41f68b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d

Request headers

Referer
https://d6qm1aiyr8d4l.cloudfront.net/static/css/main.7d41f68b.css
Origin
https://d6qm1aiyr8d4l.cloudfront.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:08:00 GMT
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"cac68c831145804808381a7032fdc7c2"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
77400
x-amz-cf-id
uIQcXyl4JfesnKdHoEPOqxHOdX9WOnZ-C1Wi4gDkh9XS1w0-hdN-LQ==
fa-solid-900.4055b0575d40bfb3c7e8.woff2
d6qm1aiyr8d4l.cloudfront.net/static/media/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/static/media/fa-solid-900.4055b0575d40bfb3c7e8.woff2
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/static/css/main.7d41f68b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer
https://d6qm1aiyr8d4l.cloudfront.net/static/css/main.7d41f68b.css
Origin
https://d6qm1aiyr8d4l.cloudfront.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:08:00 GMT
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"c500da19d776384ba69573ae6fe274e7"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
80148
x-amz-cf-id
CDYCZA0VE1SLmNAX3vVltm-9zFnTM8IOBmLwbZQDuvwOPDOBkCB0qw==
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d6qm1aiyr8d4l.cloudfront.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:45:20 GMT
x-content-type-options
nosniff
age
361359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Dec 2024 16:45:20 GMT
truncated
/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a596cc00a757b77f46594e3a8d7edeff106d637ea0e31900e6cbf17a1d8c12e3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d24b961cce98da7f07600bc30e61e21579582049ac338be7bc2d35efd66ec5e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
AT-WHITE-LOGO.b08e5ec3abf0fafb8156.png
d6qm1aiyr8d4l.cloudfront.net/static/media/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/static/media/AT-WHITE-LOGO.b08e5ec3abf0fafb8156.png
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b3a269e85a450391468be064bd809df5cde14414114dcbc9282f35a6bc11ed8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:08:00 GMT
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
etag
"5a13c11311a2c50b5b9efa126aa25310"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
12754
x-amz-cf-id
waCnpW2BQ5DQHOEWqHC8XE9zPUZ4psEDLVYNWOvQfgxN3DHubZBtGg==
AT-APP-Photo-Image-1024x760.bef7278c088857172c86.png
d6qm1aiyr8d4l.cloudfront.net/static/media/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/static/media/AT-APP-Photo-Image-1024x760.bef7278c088857172c86.png
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9c9d4c7cf9bf781e009efec9a0da5d9c8fd30438ecb292777cc647444ed8562

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:08:00 GMT
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
etag
"df9adab857a1148b237879b2514df599"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1207716
x-amz-cf-id
84VGAx6Vuyf_1LvNVxwPBZGh01bKAWAhRg2tE4ApzIItN5mE1jo8aw==
Google-app.33309a9364a1a0a8fbb3.png
d6qm1aiyr8d4l.cloudfront.net/static/media/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/static/media/Google-app.33309a9364a1a0a8fbb3.png
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05c047205d51287b8dc1ef1b4413d8ef4625a1b2d2b469b997692ff92c419f54

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:08:00 GMT
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
etag
"bfc4b4d0b71b8f53286f8b48268bb393"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
13895
x-amz-cf-id
JtrrEf7Lp4VhZOpuitTbtyLe3WhWOdVbkHFWOKkDYi2yZJWniQx12A==
Apple-app.0e3b3f0e20c4f2e7f5fc.png
d6qm1aiyr8d4l.cloudfront.net/static/media/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/static/media/Apple-app.0e3b3f0e20c4f2e7f5fc.png
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6e12bf20b3307c23fe1435e62e42c68feb7e77f954dc1ffa7dcc3c818b7d98d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:08:00 GMT
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
etag
"620bd7f2e66f927b0fb92870060b9a0e"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
13461
x-amz-cf-id
EK0jGK9p0i7cXy9ZTaIh2_1cttoz2p9Dx7lUupQJzUoyAeCdWwocSw==
truncated
/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dd16bc45a5a8c26da4bdf8aaf0da4dc2e26f929f72a54c81cbb8855cafc0fe0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
AT-APP2-Photo-Image-1024x760.7c8e8dc2bc99f4c7a68b.png
d6qm1aiyr8d4l.cloudfront.net/static/media/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/static/media/AT-APP2-Photo-Image-1024x760.7c8e8dc2bc99f4c7a68b.png
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fbdfd7ff188cdd871a26440a51c518ae59438e676ed9b72549ef5f3e92f4568

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:08:00 GMT
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
etag
"edaf3e356ef8b66352808e22b112a14e"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1505856
x-amz-cf-id
2yZj7XiEUFYWyuvMpUqUFkDG4bKriB-o2NxonDaljMWHufCAoAWB5Q==
at-phone-incedent.ed477c4c99d9da553022.png
d6qm1aiyr8d4l.cloudfront.net/static/media/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/static/media/at-phone-incedent.ed477c4c99d9da553022.png
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58f29d0ecbe1607319e697ca8a4836379a0143a0fbe4d4c6f113cbf80d13a7ff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:08:00 GMT
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
x-amz-server-side-encryption
AES256
etag
"b80d98122ba07f30cf758e17c44a0fd0"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
136803
x-amz-cf-id
eZiO278H88p_9gbH7KHKShQ3YH2b_odPw4NSdYfAIQvr5FQc24pdtA==
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:17680432555:web:3825e26acc6dfd43a3a6ee/ 		460 B
459 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:17680432555:web:3825e26acc6dfd43a3a6ee/webConfig
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/static/js/main.56b5fed3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8e18c7546fe40516b3aafb80cefae635d088463777c9e2f9143b67d091d37606
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
x-goog-api-key
AIzaSyC_E0NFZFAvIN0uVGLDHHYKKyETh2wJslg
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://d6qm1aiyr8d4l.cloudfront.net
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
269
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:17680432555:web:3825e26acc6dfd43a3a6ee/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:17680432555:web:3825e26acc6dfd43a3a6ee/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://d6qm1aiyr8d4l.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://d6qm1aiyr8d4l.cloudfront.net
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 01 Jan 2024 21:07:59 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
eicons.057dfcdb8ba4a8f3ddc9.woff2
d6qm1aiyr8d4l.cloudfront.net/static/media/ 		84 KB
84 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d6qm1aiyr8d4l.cloudfront.net/static/media/eicons.057dfcdb8ba4a8f3ddc9.woff2
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/static/css/main.7d41f68b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.161.34.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-88.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5dd416142a868b8eb9ac36445af1f3652195c6020c0ea339f4d9b14ab9a459df

Request headers

Referer
https://d6qm1aiyr8d4l.cloudfront.net/static/css/main.7d41f68b.css
Origin
https://d6qm1aiyr8d4l.cloudfront.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:08:00 GMT
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 07:25:06 GMT
server
AmazonS3
x-amz-cf-pop
BOS50-P2
etag
"eed427836ac6bcd7d04fb0d4af70efef"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
85840
x-amz-cf-id
k62jnUzTPgUHJfvjiDp28cFxkhVIN97ebJRafSAGqr-RivxLKt7BVg==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-189323392-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 01 Jan 2024 20:52:28 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
931
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 01 Jan 2024 22:52:28 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 460A 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7268821145407068&output=html&adk=1812271804&adf=3025194257&lmt=1672903505&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fd6qm1aiyr8d4l.cloudfront.net%2F%23%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704143279041&bpp=4&bdt=465&idt=351&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2447071794955&frm=20&pv=2&ga_vid=933681321.1704143279&ga_sid=1704143279&ga_hid=1404358807&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C42532524%2C95320869%2C95320885&oid=2&pvsid=2407222712714955&tmod=2106779585&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=387
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d6qm1aiyr8d4l.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 21:07:59 GMT
expires
Mon, 01 Jan 2024 21:07:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=elementor-section%20elementor-top-section%20elementor-element%20elementor-element-5b2db3fd%20elementor-section-content-middle%20elementor-section-full_width%20elementor-section-height-default%20elementor-section-height-default%20wps-site-header%20elementor-sticky%20elementor-sticky--active%20elementor-section--handles-inside%20elementor-sticky--effects&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 21:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1404358807&t=pageview&_s=1&dl=https%3A%2F%2Fd6qm1aiyr8d4l.cloudfront.net%2F&ul=en-us&de=UTF-8&dt=Animal%20Track&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=413169239&gjid=1000008662&cid=933681321.1704143279&tid=UA-189323392-1&_gid=1290313579.1704143279&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1478664743
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://d6qm1aiyr8d4l.cloudfront.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 21:07:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d6qm1aiyr8d4l.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7f25698504ad47d48dac6831b4655e2068ac423652c7af21d970d92fcefe87c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12332
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/pc-api-7641361162496762237-916/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/pc-api-7641361162496762237-916/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://d6qm1aiyr8d4l.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://d6qm1aiyr8d4l.cloudfront.net
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 01 Jan 2024 21:07:59 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/pc-api-7641361162496762237-916/ 		621 B
682 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/pc-api-7641361162496762237-916/installations
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/static/js/main.56b5fed3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ef6834772a4db5848b205c96c273b2b6ef79d98bc1d6df5bac5e20525d75870e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
x-goog-api-key
AIzaSyC_E0NFZFAvIN0uVGLDHHYKKyETh2wJslg
accept-language
en-US,en;q=0.9
x-firebase-client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMCBmaXJlLWNvcmUtZXNtMjAxNy8wLjkuMCBmaXJlLWpzLyBmaXJlLWpzLWFsbC1hcHAvOS4xNS4wIGZpcmUtaWlkLzAuNi4wIGZpcmUtaWlkLWVzbTIwMTcvMC42LjAgZmlyZS1hbmFseXRpY3MvMC45LjAgZmlyZS1hbmFseXRpY3MtZXNtMjAxNy8wLjkuMCIsImRhdGVzIjpbIjIwMjQtMDEtMDEiXX1dfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://d6qm1aiyr8d4l.cloudfront.net
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
492
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 01 Jan 2024 21:07:59 GMT
js
www.googletagmanager.com/gtag/ 		205 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-RY7JFX1K5Z
Requested by
Host: d6qm1aiyr8d4l.cloudfront.net
URL: https://d6qm1aiyr8d4l.cloudfront.net/static/js/main.56b5fed3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e15402bc4e8f22e49cd9ee1dfdcd28291b3b64351a8f576772844546cd1e773
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75638
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 2024 21:07:59 GMT
js
www.googletagmanager.com/gtag/ 		205 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RY7JFX1K5Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-189323392-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18d527a214745c217caf163d9d9a15110df766407766416e79ef4be43b1f25ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:07:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75675
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 2024 21:07:59 GMT
collect
analytics.google.com/g/ 		0
263 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RY7JFX1K5Z&gtm=45je3bt0v881509034&_p=1704143278778&_gaz=1&gcd=11l1l1l1l1&dma=0&_fid=d6bdWgK413gW1e3rb_1Z_D&cid=933681321.1704143279&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704143279&sct=1&seg=0&dl=https%3A%2F%2Fd6qm1aiyr8d4l.cloudfront.net%2F&dt=Animal%20Track&en=page_view&_fv=1&_ss=2&_ee=1&ep.origin=firebase&tfd=1438
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RY7JFX1K5Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 21:07:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d6qm1aiyr8d4l.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
263 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RY7JFX1K5Z&cid=933681321.1704143279&gtm=45je3bt0v881509034&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RY7JFX1K5Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 21:07:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d6qm1aiyr8d4l.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A08 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d6qm1aiyr8d4l.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
4964
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 19:45:15 GMT
expires
Tue, 31 Dec 2024 19:45:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6065 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6a69e4e54ce2c8d15bdefdf8f49af1b51972a2daefc1d5b594b8acc69eb6c2dd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-05JfMvYYF6hC9Uv1dHeQww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d6qm1aiyr8d4l.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-05JfMvYYF6hC9Uv1dHeQww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 21:07:59 GMT
expires
Mon, 01 Jan 2024 21:07:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 4A08 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 20:08:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
3548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 20:08:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6065 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2407222712714955&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4A08 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UA3CVA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:08:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2407222712714955&bg=!mpmlmdbNAAY3kmNgF5I7ADQBe5WfOEQbyL_UBHLEHW9jqknBkNmjEurddOina9gl21_z8WUDzQIX7egwyBgV-uaW0OdfAgAAAHZSAAAAAmgBBwoAaDOyk3N5TNUYflSc6iUfRXZZCgaDNJtdfW5TVT-TIlz8KlVJv9pJQmWsafaPUJz78xxsiqSnVvnsr0vOmp17j0XoskCcZGWIw-kCWPUCZN1t1uLahrb47MzTfLbLh2L6-p7j_BLSXBA8mQLy1X5xlD8EheF01zB0pVNHZBLLyqFDrrIObLosKUoP60TMmLpareyUkn0ZJgBlPcVNX8bhi_jp5jvKt-Seb0kDPE16vv-z5wML4hiJVGRMIQvG04C3PCTj1AZ3d3jVB1Ow0WoYbI6YRw6rZavh2f4w1ZC7jHimjGKymwvnT-If1R0_sL4mrP0XJDLje6A4aWEzkF8jWCtB2u_lFzgf-EkGDhDIk_9inFJXYi1ke1CxX9z8jpp6riLyou47-mqgLrTXR233-W0ImmJCk21-lWbkH5PWt8LwPX9ODXEaWeWwLIywzrVGVKylKJIRstJK1JF0iomMEobgfeSiMyN6DF3LxNeBuENcXYF0f2eEXver3VwoT4tabU6E6ZXPXUDJ2XGxzXnaEgqcSMHqgRBCkVJj0LYAYjF-51QaTFa8LCNoW0rZhVHTxQjpLIA9BuzWuHhp_rxyh4RGfGiu6PQJqKdlN3Bkn1fTYOCT6q2xmQK9IEW7H-r_B1dPpcsvWP3s2zsFCgnNtJcyEkpgLzs0eeWnstjT4dvtDsigiTSTQfrd2BsrbcqTGxbsjjDkG4VTjXsZyRwhXEixZnmao_uUE28XrK9WPwggnV5UlcBXwYEwHUSFppsZQqRM9nm1oTLNDznELbVKkrRvfGA0WcU44_2qac8cNtNnQ-GW9zL9MgAQUnC3v5EILiMlR19y2o7g0c9Ls16SkWeo-KGF1a0w8Gu_gqPVQxVwpM1QzwKmPuL9E_SyOFaaFm3rXmsuZlyQI0NqeLwrWXej3aasRHZ4Zruh39Hh8n7tc0UsVb33TpnF2yXCxrDPF5BuL4SgHJ7TIByCtORZlOC4IF5esmdTcnSJnKaGKuMvC3WYN7BwlvcSGb4VoWEoS5Nnh5DCIpfi3UG_HZ_M-5jYuIxsLnkve3Pbp72YDGNnhWi_kB6sxE9-deAxpFzzEO6FdMPzOtiJe0R8Wo11j6qBHomLmZ2feETnnMSMORTrNJAmEuKfmEGt6eqR5w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-7268821145407068&su=d6qm1aiyr8d4l.cloudfront.net&eid=44759875%2C44759926%2C31080104%2C42532524%2C95320869%2C95320885&doc=complete&pg_h=8082&pg_w=1600&pg_hs=8082&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 21:08:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RY7JFX1K5Z&gtm=45je3bt0v881509034&_p=1704143278778&gcd=11l1l1l1l1&dma=0&_fid=d6bdWgK413gW1e3rb_1Z_D&cid=933681321.1704143279&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1704143279&sct=1&seg=0&dl=https%3A%2F%2Fd6qm1aiyr8d4l.cloudfront.net%2F&dt=Animal%20Track&en=Website%20Loaded&_ee=1&ep.origin=firebase&_et=4&tfd=6446
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RY7JFX1K5Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d6qm1aiyr8d4l.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 21:08:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://d6qm1aiyr8d4l.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery function| $j function| sheHeader function| gtag object| dataLayer function| twentytwentyoneToggleAriaExpanded function| twentytwentyoneCollapseMenuOnClickOutside function| twentytwentyoneSubmenuPosition function| twentytwentyoneExpandSubMenu function| twentytwentyoneResponsiveEmbeds object| wp function| scrollToTop function| scrollToBottom function| pageprint function| smoothscroll function| goBack function| goForward object| webpackChunkelementor_pro object| webpackChunkelementor object| __core-js_shared__ object| core object| elementorModules function| Sticky object| ElementorProFrontendConfig object| elementorProFrontend object| DialogsManager function| Waypoint function| ShareLink function| Swiper object| elementorFrontendConfig object| regeneratorRuntime object| elementorFrontend object| twemoji object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint number| 2f1acc6c3a606b082e5eef5e54414ffb object| google_tag_manager string| GoogleAnalyticsObject function| ga function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
.d6qm1aiyr8d4l.cloudfront.net/ Name: _gid
Value: GA1.3.1290313579.1704143279
.d6qm1aiyr8d4l.cloudfront.net/ Name: _gat_gtag_UA_189323392_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.d6qm1aiyr8d4l.cloudfront.net/ Name: _ga
Value: GA1.1.933681321.1704143279
.d6qm1aiyr8d4l.cloudfront.net/ Name: _ga_RY7JFX1K5Z
Value: GS1.1.1704143279.1.0.1704143279.60.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
d6qm1aiyr8d4l.cloudfront.net
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
18.161.34.88
2001:4860:4802:38::181
2607:f8b0:4004:c0b::9b
2607:f8b0:4006:806::200a
2607:f8b0:4006:808::2003
2607:f8b0:4006:80f::2002
2607:f8b0:4020:805::200a
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2002
2607:f8b0:4020:806::2008
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2004
2607:f8b0:4020:807::200a
002041cb2223cdcce64c34aedd9026a4f4f3fa81b5e83070bad6bc35068bd8cc
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04fcb281d08024e404dfe878eac62e8dd149931293f58bad7c4505ca20b2076e
05c047205d51287b8dc1ef1b4413d8ef4625a1b2d2b469b997692ff92c419f54
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
186b62e048da2d4ca832c115cd6666861ff530b77349293704ba785e0b545e51
18d527a214745c217caf163d9d9a15110df766407766416e79ef4be43b1f25ac
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
1f018bc5c3a7b8d83aca09d4853358acaf6ef36e2bf74e6ca6d6058f0293477c
1f367c8b19750e379ae6d97ee054e3081299620efdc89f3e9149dbe75cd14ba8
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2242674a6615c51da3670731853f624263d060b1af2d5ee1d8f7611c513e8a97
2acaef9f84fb6064f5ea42701c696866d710339bae7844ca5b481dfefb3903f9
2d24b961cce98da7f07600bc30e61e21579582049ac338be7bc2d35efd66ec5e
49bcf8b14a59ac921514d5d4039ad0e9d3969798eb2f6c40eaca867f8e9c15b8
519ace88e9f248b30cd11050abd93e8e40a6483c2b3ff9e2258979245ea01c44
53cfbfd50aa7637710ee2620656551458bb87a3b695b035198a8230034de3bae
550a8b5a17891d66794b89e7d40571ea19a2fa12c4c628ab0f43566f987d54a3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a5574936c9acef8bd32e12011fd2f70826c75d5b27248327bb9f934b29feae
58f29d0ecbe1607319e697ca8a4836379a0143a0fbe4d4c6f113cbf80d13a7ff
5dd416142a868b8eb9ac36445af1f3652195c6020c0ea339f4d9b14ab9a459df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ceeaf000645bd9a450a750cadca848be206da53afdc5132b0a2516f9f1c5ac
6a69e4e54ce2c8d15bdefdf8f49af1b51972a2daefc1d5b594b8acc69eb6c2dd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bed5b4acb8be5c93a928c5925b05f47cc6072b0bc3da58c4feae08a47057529
6d36eb4a9cdc1ef40b6aec8ee4382d4fd4ef8df2208602f5243c17c34740e4fd
7b3a269e85a450391468be064bd809df5cde14414114dcbc9282f35a6bc11ed8
7fbdfd7ff188cdd871a26440a51c518ae59438e676ed9b72549ef5f3e92f4568
81ded0538dfc66bf3ddc059897ff65bf06449abb616bc7a8ed03c5f5a3d14d33
8dd16bc45a5a8c26da4bdf8aaf0da4dc2e26f929f72a54c81cbb8855cafc0fe0
8e15402bc4e8f22e49cd9ee1dfdcd28291b3b64351a8f576772844546cd1e773
8e18c7546fe40516b3aafb80cefae635d088463777c9e2f9143b67d091d37606
8e6f92106057c0368d54365338469975f7b8422abb829bd1d4a6e2b99839b6a5
8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0
8fdfff6040ad7a174d1b5402c13d8ab663c80a0760324701a11d231b43ab6683
a3384dab4ea6b1b27df4a967c6556bcc7d6f08a296ba69511576e11beb9a8e16
a596cc00a757b77f46594e3a8d7edeff106d637ea0e31900e6cbf17a1d8c12e3
a5a48221dcce1555313842702d8de858bd065afe98354f2a0ce59c6f2b14f81c
a9c9d4c7cf9bf781e009efec9a0da5d9c8fd30438ecb292777cc647444ed8562
afcb1a6c081082baa42424c4597449ce2a939960bb52195a9bed327dbef73734
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b53f0d290a1b8a2649ef27bd2753a9be089393acf122409ab6dadeb4494442cc
b6e12bf20b3307c23fe1435e62e42c68feb7e77f954dc1ffa7dcc3c818b7d98d
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c03c4400712a61d2ebec24e24cb15c437540795caa210c681c9cd7bf0c1c29d0
c2785419365f3cd460ccdc6b58ef71540e46c7c16c6138b8c3329fc1532083cc
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
dbb693ef3dfb3fcda0b4bc05bf84b3bb18e2f304dcfa23c9d80f11336aded2bd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f25698504ad47d48dac6831b4655e2068ac423652c7af21d970d92fcefe87c
e88b137390c5af3eb06ee7b08f195ccdd4405a3818112e9dce8b26bee28d70c6
e976268fc5af78cf8e84752279db0554cccc76dec052b70266f9d31327195e8e
e9cb0efaf15ccbc4deef61c7783145cdc1c027b1ce6a323f432ba644ec9ab3ab
eb779fe8a635ff9bc451f51b62afec21d0baf272d27ca19f113199181f1a80c1
ef6834772a4db5848b205c96c273b2b6ef79d98bc1d6df5bac5e20525d75870e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e5db18434e5778c2f46d968faa193ff3509f95d08b3641a76370a3aa091243