v6q9s5t8.ssl.hwcdn.net Open in urlscan Pro
69.16.175.10  Public Scan

63 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

• https://aorta.clickagy.com/pixel.gif?clkgypv=jstag HTTP 302
• https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:8291b7795f5a6a3abf10608dceb26d27&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:8291b7795f5a6a3abf10608dceb26d27&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
• https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=11181928736217032644596897826685319964 HTTP 302
• https://idsync.rlcdn.com/420246.gif?partner_uid=c:8291b7795f5a6a3abf10608dceb26d27

Request Chain 73

• https://p.alocdn.com/c/qj8p4136/a/xtarget/p.gif?label=746490318 HTTP 302
• https://p.alocdn.com/c/qj8p4136/a/xtarget/p.gif?tdc=1&url=https%3A%2F%2Fpd.trysera.com%2F&label=746490318 HTTP 302
• https://pd.trysera.com/td.gif?md5=none&label=746490318

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response v6q9s5t8.ssl.hwcdn.net/	118 KB 119 KB	1091ms 1077ms	Document text/html	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 30d6f7a60e392014c128a78ec1da51dc9b6861464299fbf273fdb8c87c65283e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Connection Keep-Alive Accept-Ranges bytes Cache-Control max-age=3600 Content-Length 121309 Content-Type text/html; charset=UTF-8 X-HW 1638271067.dop224.am5.t,1638271067.cds207.am5.s,1638271067.dop063.mi1.r,1638271067.cds065.mi1.p,1638271067.cds207.am5.s,1638271067.dop063.mi1.r,1638271067.cds065.mi1.p,1638271067.cds207.am5.p Access-Control-Allow-Origin *
GET H/1.1	200 OK	style.min.css v6q9s5t8.ssl.hwcdn.net/wp-includes/css/dist/block-library/	79 KB 11 KB	62ms 16ms	Stylesheet text/css	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 26 Jul 2021 14:31:28 GMT ETag "1627309888" X-HW 1638271068.dop113.am5.t,1638271068.cds285.am5.shn,1638271068.dop113.am5.t,1638271068.cds255.am5.c Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=2434948 Connection Keep-Alive Accept-Ranges bytes Content-Length 10523
GET H/1.1	200 OK	styles.css v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/contact-form-7/includes/css/	3 KB 1 KB	62ms 17ms	Stylesheet text/css	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 25 Oct 2021 10:53:46 GMT ETag "1635159226" X-HW 1638271068.dop121.am5.t,1638271068.cds261.am5.shn,1638271068.dop121.am5.t,1638271068.cds141.am5.c Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=295056 Connection Keep-Alive Accept-Ranges bytes Content-Length 972
GET H/1.1	200 OK	url-shortify.css v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/url-shortify/lite/dist/styles/	2 KB 1 KB	62ms 16ms	Stylesheet text/css	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/url-shortify/lite/dist/styles/url-shortify.css?ver=1.5.3 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 0a612d4bc9ba70a52a71e3e0139cf5af4c1ad6e424035fd12a2b26738db7fdb3 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 01 Nov 2021 11:52:15 GMT ETag "1635767535" X-HW 1638271068.dop129.am5.t,1638271068.cds220.am5.shn,1638271068.dop129.am5.t,1638271068.cds289.am5.c Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=2091747 Connection Keep-Alive Accept-Ranges bytes Content-Length 680
GET H/1.1	200 OK	frontend.min.css v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/wp-user-avatar/assets/css/	68 KB 10 KB	62ms 16ms	Stylesheet text/css	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=3.2.4 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 3e6acde1a483c1cfd05ef515b8a74523c2aa0c12e16d8ce04ae32275731d8782 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 08 Nov 2021 16:30:55 GMT ETag "1636389055" X-HW 1638271068.dop150.am5.t,1638271068.cds234.am5.shn,1638271068.dop150.am5.t,1638271068.cds285.am5.c Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=1150254 Connection Keep-Alive Accept-Ranges bytes Content-Length 9728
GET H/1.1	200 OK	flatpickr.min.css v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/wp-user-avatar/assets/flatpickr/	16 KB 3 KB	63ms 16ms	Stylesheet text/css	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=3.2.4 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 08 Nov 2021 16:30:56 GMT ETag "1636389056" X-HW 1638271068.dop018.am5.t,1638271068.cds152.am5.shn,1638271068.dop018.am5.t,1638271068.cds151.am5.c Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=1150254 Connection Keep-Alive Accept-Ranges bytes Content-Length 3011
GET H/1.1	200 OK	select2.min.css v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/wp-user-avatar/assets/select2/	15 KB 2 KB	67ms 17ms	Stylesheet text/css	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=5.8.2 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 08 Nov 2021 16:30:56 GMT ETag "1636389056" X-HW 1638271068.dop005.am5.t,1638271068.cds114.am5.shn,1638271068.dop005.am5.t,1638271068.cds146.am5.c Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=1150254 Connection Keep-Alive Accept-Ranges bytes Content-Length 1993
GET H/1.1	200 OK	style.css v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/td-composer/td-multi-purpose/	36 KB 5 KB	78ms 16ms	Stylesheet text/css	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=5496ac087ca179a9788dadb779dbc160 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 27 Sep 2021 18:58:03 GMT ETag "1632769083" X-HW 1638271068.dop113.am5.t,1638271068.cds285.am5.shn,1638271068.dop113.am5.t,1638271068.cds206.am5.c Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=1259654 Connection Keep-Alive Accept-Ranges bytes Content-Length 4796
GET H2	200	css fonts.googleapis.com/	15 KB 1012 B	149ms 62ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.2 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a7cb333c1d23b4d034bc1f3cc7240773550ca144c57a4e6f706698a5bbd0747d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer http://v6q9s5t8.ssl.hwcdn.net/ Origin http://v6q9s5t8.ssl.hwcdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 30 Nov 2021 10:41:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 30 Nov 2021 11:17:48 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 30 Nov 2021 11:17:48 GMT
GET H/1.1	200 OK	style.css v6q9s5t8.ssl.hwcdn.net/wp-content/themes/Newspaper/	146 KB 25 KB	80ms 18ms	Stylesheet text/css	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/themes/Newspaper/style.css?ver=11.2 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 5f83fb4110de9c1673946e280175f20c0e3a4a6d3c8848274a2f12e702797355 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 27 Sep 2021 18:55:21 GMT ETag "1632768921" X-HW 1638271068.dop121.am5.t,1638271068.cds261.am5.shn,1638271068.dop121.am5.t,1638271068.cds262.am5.c Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=890347 Connection Keep-Alive Accept-Ranges bytes Content-Length 24856
GET H/1.1	200 OK	td_legacy_main.css v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/	155 KB 23 KB	78ms 16ms	Stylesheet text/css	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=5496ac087ca179a9788dadb779dbc160 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash bf77065b0e4b52c6ee71566850b3e6a1ecdfd6331427c5063a1116e347b85203 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 27 Sep 2021 18:57:55 GMT ETag "1632769075" X-HW 1638271068.dop129.am5.t,1638271068.cds220.am5.shn,1638271068.dop129.am5.t,1638271068.cds133.am5.c Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=360752 Connection Keep-Alive Accept-Ranges bytes Content-Length 23388
GET H/1.1	200 OK	td_standard_pack_main.css v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/td-standard-pack/Newspaper/assets/css/	715 KB 62 KB	78ms 16ms	Stylesheet text/css	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=9214a050dc0a6c6eeaa5c1aa35f9cfe3 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 27 Sep 2021 19:01:01 GMT ETag "1632769261" X-HW 1638271068.dop150.am5.t,1638271068.cds234.am5.shn,1638271068.dop150.am5.t,1638271068.cds300.am5.c Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=1879784 Connection Keep-Alive Accept-Ranges bytes Content-Length 62577
GET H/1.1	200 OK	earnware-lib.js Show response v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/earnware-connect/public/js/	4 KB 2 KB	84ms 18ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/earnware-connect/public/js/earnware-lib.js?ver=1.0.67 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 47337b9c977a0a84208e39b10d09db417f6554e920d18c0377e030056c54dad0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 05 Jul 2021 11:16:37 GMT ETag "1625483797" X-HW 1638271068.dop005.am5.t,1638271068.cds114.am5.shn,1638271068.dop005.am5.t,1638271068.cds121.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=909156 Connection Keep-Alive Accept-Ranges bytes Content-Length 1483
GET H/1.1	200 OK	jquery.min.js Show response v6q9s5t8.ssl.hwcdn.net/wp-includes/js/jquery/	87 KB 31 KB	94ms 17ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 26 Jul 2021 14:31:29 GMT ETag "1627309889" X-HW 1638271068.dop113.am5.t,1638271068.cds285.am5.shn,1638271068.dop113.am5.t,1638271068.cds257.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=1130466 Connection Keep-Alive Accept-Ranges bytes Content-Length 30953
GET H/1.1	200 OK	jquery-migrate.min.js Show response v6q9s5t8.ssl.hwcdn.net/wp-includes/js/jquery/	11 KB 4 KB	97ms 16ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Fri, 18 Dec 2020 13:17:50 GMT ETag "1608297470" X-HW 1638271068.dop018.am5.t,1638271068.cds152.am5.shn,1638271068.dop018.am5.t,1638271068.cds291.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=2229386 Connection Keep-Alive Accept-Ranges bytes Content-Length 4169
GET H/1.1	200 OK	earnware-tracking.js Show response v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/earnware-connect/public/js/	1 KB 747 B	101ms 20ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/earnware-connect/public/js/earnware-tracking.js?ver=1.0.67 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 843ce787c060f04c0334bb78db17bbea63a9f9c5b99466b3998be06be0d64305 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 05 Jul 2021 11:16:37 GMT ETag "1625483797" X-HW 1638271068.dop129.am5.t,1638271068.cds220.am5.shn,1638271068.dop129.am5.t,1638271068.cds226.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=1626038 Connection Keep-Alive Accept-Ranges bytes Content-Length 327
GET H/1.1	200 OK	url-shortify.js Show response v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/url-shortify/lite/dist/scripts/	5 KB 2 KB	101ms 17ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/url-shortify/lite/dist/scripts/url-shortify.js?ver=1.5.3 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 2231ff431400ae142dcbeabb043dee568cc0651d531a5e3af7e746f0685e996b Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 01 Nov 2021 11:52:15 GMT ETag "1635767535" X-HW 1638271068.dop121.am5.t,1638271068.cds261.am5.shn,1638271068.dop121.am5.t,1638271068.cds118.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=459913 Connection Keep-Alive Accept-Ranges bytes Content-Length 1554
GET H/1.1	200 OK	flatpickr.min.js Show response v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/wp-user-avatar/assets/flatpickr/	47 KB 14 KB	102ms 17ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=5.8.2 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash fe2ac5219992a3608a5c9e2bc4759fac8fb2189b88d7a674d395ff6c435da536 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 08 Nov 2021 16:30:56 GMT ETag "1636389056" X-HW 1638271068.dop005.am5.t,1638271068.cds114.am5.shn,1638271068.dop005.am5.t,1638271068.cds117.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=1150287 Connection Keep-Alive Accept-Ranges bytes Content-Length 13758
GET H/1.1	200 OK	select2.min.js Show response v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/wp-user-avatar/assets/select2/	69 KB 20 KB	114ms 17ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=5.8.2 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 08 Nov 2021 16:30:56 GMT ETag "1636389056" X-HW 1638271068.dop018.am5.t,1638271068.cds152.am5.shn,1638271068.dop018.am5.t,1638271068.cds108.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=1150254 Connection Keep-Alive Accept-Ranges bytes Content-Length 19904
GET H/1.1	200 OK	style.css v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/colorlib-404-customizer/templates/template_01/css/	2 KB 1 KB	78ms 17ms	Stylesheet text/css	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/colorlib-404-customizer/templates/template_01/css/style.css?ver=5.8.2 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash a6e33b0fc9ffcfbea77aeb6a5d52ca0c5e649fea977a302c21e5e55c8aacb605 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 31 May 2021 22:23:13 GMT ETag "1622499793" X-HW 1638271068.dop018.am5.t,1638271068.cds152.am5.shn,1638271068.dop018.am5.t,1638271068.cds250.am5.c Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=889779 Connection Keep-Alive Accept-Ranges bytes Content-Length 682
GET H2	200	css fonts.googleapis.com/	2 KB 585 B	131ms 46ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat%3A500&ver=5.8.2 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b2f6194a666edb08fcfad23b0e31d744c979fbc38e01f227fa488c982d425372 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer http://v6q9s5t8.ssl.hwcdn.net/ Origin http://v6q9s5t8.ssl.hwcdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 30 Nov 2021 10:13:14 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 30 Nov 2021 11:17:48 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 30 Nov 2021 11:17:48 GMT
GET H2	200	css fonts.googleapis.com/	1 KB 908 B	131ms 46ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Titillium+Web%3A700%2C900&ver=5.8.2 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0a3d99906ff48a0aecfe9d798146549ca353717f87cd9f9e590d20b47eb5bb50 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer http://v6q9s5t8.ssl.hwcdn.net/ Origin http://v6q9s5t8.ssl.hwcdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 30 Nov 2021 11:07:29 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 30 Nov 2021 11:17:48 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 30 Nov 2021 11:17:48 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	77 KB 27 KB	135ms 47ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software sffe / Resource Hash c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:48 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1059 / 848 of 1000 / last-modified: 1637708722" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26861 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 30 Nov 2021 11:17:48 GMT
GET H/1.1	200 OK	wp-emoji-release.min.js Show response gatdaily.com/wp-includes/js/	18 KB 5 KB	739ms 119ms	Script application/x-javascript	99.192.231.250 MOJOHOST
General Check archive.org Show headers Download Go to Full URL https://gatdaily.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.192.231.250 , United States, ASN27589 (MOJOHOST, US), Reverse DNS Software Apache mod_fcgid/2.3.9 / W3 Total Cache/2.1.9 Resource Hash def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:49 GMT Content-Encoding gzip X-Powered-By W3 Total Cache/2.1.9 Connection Keep-Alive Content-Length 4930 Pragma public Referrer-Policy Last-Modified Mon, 26 Jul 2021 14:31:29 GMT Server Apache mod_fcgid/2.3.9 ETag "4705-5c8079be58fc5" Vary Accept-Encoding,User-Agent Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000, public Accept-Ranges bytes Keep-Alive timeout=5, max=100 Expires Wed, 30 Nov 2022 11:17:49 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	150ms 62ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-36867927-4 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9bc2b1ab83efabae1828fe721756b836612b632247d695c62a04541379296a74 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:48 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36180 x-xss-protection 0 last-modified Tue, 30 Nov 2021 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 30 Nov 2021 11:17:48 GMT
GET H2	200	ados.js Show response engine.wearetopple.com/	37 KB 10 KB	349ms 102ms	Script application/javascript	52.203.28.91 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://engine.wearetopple.com/ados.js Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.203.28.91 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-203-28-91.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash c05e33e6c4251ad52eb977a7c942acd52fca8c4bb96d109d3314160e447a0e27 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:48 GMT content-encoding gzip last-modified Thu, 04 Nov 2021 20:20:11 GMT server nginx/1.18.0 (Ubuntu) etag W/"6184407b-9238" content-type application/javascript
GET H/1.1	200 OK	PSD-01-292x97.png v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2017/11/	9 KB 9 KB	16ms 16ms	Image image/png	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2017/11/PSD-01-292x97.png Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 950460bb20677214bd7be4e0cac9ba7e87e0d220bf5660941c574b791c1378c0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Last-Modified Thu, 28 Jun 2018 17:36:30 GMT ETag "1530207390" X-HW 1638271068.dop150.am5.t,1638271068.cds234.am5.shn,1638271068.dop150.am5.t,1638271068.cds242.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=20431555 Connection Keep-Alive Accept-Ranges bytes Content-Length 8826
GET H/1.1	200 OK	maxresdefault-13-534x462.jpg v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/	50 KB 50 KB	501ms 500ms	Image image/jpeg	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/maxresdefault-13-534x462.jpg Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash ecc053902a050aa7221efb149b697ea9fd633b699eeae5ea9decc3be376cd4f3 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:49 GMT Last-Modified Mon, 29 Nov 2021 19:14:43 GMT ETag "1638213283" X-HW 1638271068.dop150.am5.t,1638271068.cds234.am5.shn,1638271068.dop150.am5.t,1638271068.cds110.am5.s,1638271068.dop204.mi1.r,1638271069.cds056.mi1.c,1638271068.cds110.am5.s,1638271068.dop204.mi1.r,1638271069.cds056.mi1.c,1638271069.cds110.am5.p Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=31478277 Connection Keep-Alive Accept-Ranges bytes Content-Length 50817
GET H/1.1	200 OK	sdas-534x296.jpg v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/	20 KB 20 KB	493ms 492ms	Image image/jpeg	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/sdas-534x296.jpg Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 0295518876b9d861cdb6fd5073069602c92e08e50b3af61db35998bdcc5ca056 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:49 GMT Last-Modified Thu, 25 Nov 2021 16:48:27 GMT ETag "1637858907" X-HW 1638271068.dop129.am5.t,1638271068.cds220.am5.shn,1638271068.dop129.am5.t,1638271068.cds278.am5.s,1638271068.dop205.mi1.r,1638271069.cds063.mi1.c,1638271068.cds278.am5.s,1638271068.dop205.mi1.r,1638271069.cds063.mi1.c,1638271069.cds278.am5.p Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=31477487 Connection Keep-Alive Accept-Ranges bytes Content-Length 20243
GET H/1.1	200 OK	DSC00824-534x462.jpg v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/	33 KB 34 KB	17ms 17ms	Image image/jpeg	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/DSC00824-534x462.jpg Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 6292c37e79c01fc3ba832803205684e62859950e44a2096659a031aef30e0df3 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Last-Modified Wed, 24 Nov 2021 18:10:14 GMT ETag "1637777414" X-HW 1638271068.dop113.am5.t,1638271068.cds285.am5.shn,1638271068.dop113.am5.t,1638271068.cds110.am5.c Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=31198362 Connection Keep-Alive Accept-Ranges bytes Content-Length 33917
GET H/1.1	200 OK	blackfridaymeme-500x462.jpeg v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/	36 KB 36 KB	18ms 18ms	Image image/jpeg	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/blackfridaymeme-500x462.jpeg Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 2975a46bcf1e31ef098ce214e8949d47f116fa8c26dfff6e048e64eebdf51a27 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Last-Modified Wed, 24 Nov 2021 16:21:13 GMT ETag "1637770873" X-HW 1638271068.dop018.am5.t,1638271068.cds152.am5.shn,1638271068.dop018.am5.t,1638271068.cds130.am5.c Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=31185762 Connection Keep-Alive Accept-Ranges bytes Content-Length 36925
GET H/1.1	200 OK	expanded-HST-1-356x364.jpg v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/	28 KB 29 KB	487ms 487ms	Image image/jpeg	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/expanded-HST-1-356x364.jpg Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 80ab5d0c23efcc8df3d5eb9651f22f0b762b22395afd6dbf1fe47abae502dae4 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:49 GMT Last-Modified Wed, 24 Nov 2021 17:41:44 GMT ETag "1637775704" X-HW 1638271068.dop121.am5.t,1638271068.cds261.am5.shn,1638271068.dop121.am5.t,1638271068.cds145.am5.s,1638271068.dop204.mi1.r,1638271069.cds028.mi1.c,1638271068.cds145.am5.s,1638271068.dop204.mi1.r,1638271069.cds028.mi1.c,1638271069.cds145.am5.p Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=31478277 Connection Keep-Alive Accept-Ranges bytes Content-Length 28885
GET H/1.1	200 OK	maxresdefault-12-356x364.jpg v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/	34 KB 34 KB	17ms 16ms	Image image/jpeg	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/maxresdefault-12-356x364.jpg Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 18cedf5e3a6ad6137547f5b7cb323e91019870716d2c9c64eecf4e6c043e4ad5 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Last-Modified Wed, 24 Nov 2021 17:06:55 GMT ETag "1637773615" X-HW 1638271068.dop005.am5.t,1638271068.cds114.am5.shn,1638271068.dop005.am5.t,1638271068.cds270.am5.c Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=31477488 Connection Keep-Alive Accept-Ranges bytes Content-Length 34522
GET H/1.1	200 OK	1113211538-356x364.jpg v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/	26 KB 26 KB	16ms 16ms	Image image/jpeg	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/1113211538-356x364.jpg Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 660b906dd0df6710409bbf41604aac778506ddbf6b5fe502f582b888601fa418 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Last-Modified Tue, 23 Nov 2021 20:28:58 GMT ETag "1637699338" X-HW 1638271068.dop113.am5.t,1638271068.cds285.am5.shn,1638271068.dop113.am5.t,1638271068.cds006.am5.c Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=31198364 Connection Keep-Alive Accept-Ranges bytes Content-Length 26346
GET H/1.1	200 OK	31414B54-2FFE-40C9-AAC3-720C5A2ADF5D-scaled-e1637692641653-356x364.jpeg v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/	28 KB 29 KB	17ms 17ms	Image image/jpeg	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/31414B54-2FFE-40C9-AAC3-720C5A2ADF5D-scaled-e1637692641653-356x364.jpeg Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 2edca37ca4a180be2ad97350b6af6fb7193213c753f9c05733582563e89823df Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Last-Modified Tue, 23 Nov 2021 18:37:23 GMT ETag "1637692643" X-HW 1638271068.dop018.am5.t,1638271068.cds152.am5.shn,1638271068.dop018.am5.t,1638271068.cds128.am5.c Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=31185762 Connection Keep-Alive Accept-Ranges bytes Content-Length 29080
GET H/1.1	200 OK	wisconsin-SUV-324x235.jpeg v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/	15 KB 16 KB	495ms 494ms	Image image/jpeg	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/wisconsin-SUV-324x235.jpeg Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 9aa4032974473609aaba5c3a66581235fe6a533599cafd806cc40addbcf22084 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:49 GMT Last-Modified Tue, 23 Nov 2021 17:27:43 GMT ETag "1637688463" X-HW 1638271068.dop005.am5.t,1638271068.cds114.am5.shn,1638271068.dop005.am5.t,1638271068.cds155.am5.s,1638271068.dop065.mi1.r,1638271069.cds217.mi1.c,1638271068.cds155.am5.s,1638271068.dop065.mi1.r,1638271069.cds217.mi1.c,1638271069.cds155.am5.p Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=31478277 Connection Keep-Alive Accept-Ranges bytes Content-Length 15653
GET H/1.1	200 OK	IMG_2019-324x235.jpg v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/	23 KB 24 KB	475ms 474ms	Image image/jpeg	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/IMG_2019-324x235.jpg Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash a1eda2e715b27ca783b584a39283c33fa6d507f73e0b20bf3c5dcb822e07ecac Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:49 GMT Last-Modified Tue, 23 Nov 2021 15:32:50 GMT ETag "1637681570" X-HW 1638271068.dop113.am5.t,1638271068.cds285.am5.shn,1638271068.dop113.am5.t,1638271068.cds012.am5.s,1638271068.dop052.mi1.r,1638271069.cds208.mi1.c,1638271068.cds012.am5.s,1638271068.dop052.mi1.r,1638271069.cds208.mi1.c,1638271069.cds012.am5.p Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=31477487 Connection Keep-Alive Accept-Ranges bytes Content-Length 23617
GET H/1.1	200 OK	1113211612-324x235.jpg v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/	20 KB 21 KB	17ms 16ms	Image image/jpeg	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/1113211612-324x235.jpg Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash afd15b2ce34f4b652a404d8912f4e5dece7a43eb878d80d1bf0dded354b7eb4c Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Last-Modified Tue, 16 Nov 2021 15:13:44 GMT ETag "1637075624" X-HW 1638271068.dop018.am5.t,1638271068.cds152.am5.shn,1638271068.dop018.am5.t,1638271068.cds233.am5.c Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=31198365 Connection Keep-Alive Accept-Ranges bytes Content-Length 20788
GET H/1.1	200 OK	maxresdefault-11-324x235.jpg v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/	19 KB 20 KB	17ms 16ms	Image image/jpeg	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2021/11/maxresdefault-11-324x235.jpg Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash a3c3fd3ba78eb7c23985dc8961468a84a1992da669b4c58883121d4ec05404a7 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Last-Modified Mon, 22 Nov 2021 18:55:31 GMT ETag "1637607331" X-HW 1638271068.dop018.am5.t,1638271068.cds152.am5.shn,1638271068.dop018.am5.t,1638271068.cds273.am5.c Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=31185762 Connection Keep-Alive Accept-Ranges bytes Content-Length 19882
GET H/1.1	200 OK	datascience-324x235.png v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2017/02/	96 KB 96 KB	17ms 17ms	Image image/png	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Show image Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/uploads/2017/02/datascience-324x235.png Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 363aea5182b080e25a1623a14dd573f7ae4b7984ff41196ffdee9f323a943436 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Last-Modified Fri, 29 Jun 2018 06:06:16 GMT ETag "1530252376" X-HW 1638271068.dop018.am5.t,1638271068.cds152.am5.shn,1638271068.dop018.am5.t,1638271068.cds155.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=31040755 Connection Keep-Alive Accept-Ranges bytes Content-Length 98019
GET H/1.1	200 OK	regenerator-runtime.min.js Show response v6q9s5t8.ssl.hwcdn.net/wp-includes/js/dist/vendor/	6 KB 3 KB	16ms 16ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 26 Jul 2021 14:31:28 GMT ETag "1627309888" X-HW 1638271068.dop018.am5.t,1638271068.cds152.am5.shn,1638271068.dop018.am5.t,1638271068.cds248.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=1998830 Connection Keep-Alive Accept-Ranges bytes Content-Length 2398
GET H/1.1	200 OK	wp-polyfill.min.js Show response v6q9s5t8.ssl.hwcdn.net/wp-includes/js/dist/vendor/	16 KB 6 KB	18ms 17ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 26 Jul 2021 14:31:29 GMT ETag "1627309889" X-HW 1638271068.dop018.am5.t,1638271068.cds152.am5.shn,1638271068.dop018.am5.t,1638271068.cds153.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=435873 Connection Keep-Alive Accept-Ranges bytes Content-Length 6031
GET H/1.1	200 OK	index.js Show response v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/contact-form-7/includes/js/	12 KB 4 KB	18ms 17ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash d0ba7e2275cddbdf3d2473a60565d950efb8474ba7bda393cc64f56ff39d85ce Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 25 Oct 2021 10:53:46 GMT ETag "1635159226" X-HW 1638271068.dop005.am5.t,1638271068.cds114.am5.shn,1638271068.dop005.am5.t,1638271068.cds108.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=2333577 Connection Keep-Alive Accept-Ranges bytes Content-Length 3767
GET H/1.1	200 OK	earnware-merge.js Show response v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/earnware-connect/public/js/	1 KB 1 KB	18ms 16ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/earnware-connect/public/js/earnware-merge.js?ver=1.0.67 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 743f65b0622a16c8d51e6d35c9d7a4e058efd02fe7bceb4baa86a87abe05b01f Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 05 Jul 2021 11:16:37 GMT ETag "1625483797" X-HW 1638271068.dop121.am5.t,1638271068.cds261.am5.shn,1638271068.dop121.am5.t,1638271068.cds259.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=909156 Connection Keep-Alive Accept-Ranges bytes Content-Length 717
GET H/1.1	200 OK	frontend.min.js Show response v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/wp-user-avatar/assets/js/	9 KB 3 KB	19ms 17ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=3.2.4 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 3684b8902fe2f3f96b32be42dca7f2621827f8c8b92fde984b5b1787dd06a17b Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 08 Nov 2021 16:30:56 GMT ETag "1636389056" X-HW 1638271068.dop129.am5.t,1638271068.cds220.am5.shn,1638271068.dop129.am5.t,1638271068.cds056.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=1150255 Connection Keep-Alive Accept-Ranges bytes Content-Length 2276
GET H/1.1	200 OK	underscore.min.js Show response v6q9s5t8.ssl.hwcdn.net/wp-includes/js/	19 KB 8 KB	20ms 17ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-includes/js/underscore.min.js?ver=1.13.1 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 26 Jul 2021 14:31:29 GMT ETag "1627309889" X-HW 1638271068.dop113.am5.t,1638271068.cds285.am5.shn,1638271068.dop113.am5.t,1638271068.cds220.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=1774486 Connection Keep-Alive Accept-Ranges bytes Content-Length 7319
GET H/1.1	200 OK	js_posts_autoload.min.js Show response v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/td-cloud-library/assets/js/	5 KB 2 KB	19ms 16ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=c19aec6a20dc470dea3def4ce71e04d5 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 27 Sep 2021 18:58:19 GMT ETag "1632769099" X-HW 1638271068.dop150.am5.t,1638271068.cds234.am5.shn,1638271068.dop150.am5.t,1638271068.cds284.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=1636789 Connection Keep-Alive Accept-Ranges bytes Content-Length 1981
GET H/1.1	200 OK	tagdiv_theme.min.js Show response v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/td-composer/legacy/Newspaper/js/	257 KB 59 KB	19ms 18ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.2 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 2d036346b18bf4c27bc91f0416f8b59427e32bfc6c2724a27e6fe2e5a7b58574 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 27 Sep 2021 18:58:03 GMT ETag "1632769083" X-HW 1638271068.dop005.am5.t,1638271068.cds114.am5.shn,1638271068.dop005.am5.t,1638271068.cds289.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=456010 Connection Keep-Alive Accept-Ranges bytes Content-Length 60480
GET H/1.1	200 OK	comment-reply.min.js Show response v6q9s5t8.ssl.hwcdn.net/wp-includes/js/	3 KB 2 KB	18ms 17ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-includes/js/comment-reply.min.js?ver=5.8.2 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Thu, 15 Apr 2021 03:38:04 GMT ETag "1618457884" X-HW 1638271068.dop121.am5.t,1638271068.cds261.am5.shn,1638271068.dop121.am5.t,1638271068.cds116.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=456012 Connection Keep-Alive Accept-Ranges bytes Content-Length 1346
GET H2	200	api.js Show response www.google.com/recaptcha/	884 B 999 B	139ms 51ms	Script text/javascript	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6LfzKLQUAAAAAArbZSkaOmiQQ7L7sbNLrrqi7T7K&ver=3.0 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 94dd90fc554203195d42467c8c53b31bc5791bf19f89336b1072a9e67cd8a53a Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:48 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 586 x-xss-protection 1; mode=block expires Tue, 30 Nov 2021 11:17:48 GMT
GET H/1.1	200 OK	index.js Show response v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/contact-form-7/modules/recaptcha/	934 B 903 B	18ms 18ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.3 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 25 Oct 2021 10:53:46 GMT ETag "1635159226" X-HW 1638271068.dop018.am5.t,1638271068.cds152.am5.shn,1638271068.dop018.am5.t,1638271068.cds113.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=2414969 Connection Keep-Alive Accept-Ranges bytes Content-Length 483
GET H/1.1	200 OK	js_files_for_front.min.js Show response v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/td-cloud-library/assets/js/	37 KB 9 KB	17ms 17ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=c19aec6a20dc470dea3def4ce71e04d5 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash a22f85f1a257dfe812b91e347ffff79eee4cff5eb89f0b429a32ae1ab96d8adc Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Mon, 27 Sep 2021 18:58:19 GMT ETag "1632769099" X-HW 1638271068.dop113.am5.t,1638271068.cds285.am5.shn,1638271068.dop113.am5.t,1638271068.cds018.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=557256 Connection Keep-Alive Accept-Ranges bytes Content-Length 8568
GET H/1.1	200 OK	wp-embed.min.js Show response v6q9s5t8.ssl.hwcdn.net/wp-includes/js/	1 KB 1 KB	18ms 17ms	Script application/javascript	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-includes/js/wp-embed.min.js?ver=5.8.2 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:48 GMT Content-Encoding gzip Last-Modified Thu, 04 Feb 2021 03:38:04 GMT ETag "1612409884" X-HW 1638271068.dop129.am5.t,1638271068.cds220.am5.shn,1638271068.dop129.am5.t,1638271068.cds272.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=1484350 Connection Keep-Alive Accept-Ranges bytes Content-Length 765
GET H2	200	data.js Show response tags.clickagy.com/	38 KB 14 KB	103ms 61ms	Script application/javascript	2606:4700::6812:1ecd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.clickagy.com/data.js?rnd=615336c9488ee Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1ecd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 381b8ebdbf37c558d1fd305ad8c95cd2f31e67c0bf94708958fcd1a2001999fb Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:48 GMT content-encoding gzip cf-cache-status DYNAMIC age 25232 cf-ray 6b63abe40c14020d-ZRH x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Tue, 10 Nov 2020 17:57:51 GMT server cloudflare etag W/"6813d79781acaf51a4c663b3157c2070" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-version-id c4fwCALD5qjya1GhJRU453Q9dYnKWKf9 via 1.1 6d5fe30c1aa26e69b4e8a63a3cb67e44.cloudfront.net (CloudFront) x-amz-cf-pop MXP64-C2 content-type application/javascript x-amz-cf-id WnPldZJdKyYkkNzUuI21fFCNt9WR48l_FMZNISoA4pYm5KHlMnCRTA==
GET H2	200	14798289721645596692 Show response pd.trysera.com/p/ Frame 0328	988 B 1 KB	325ms 102ms	Document text/html	34.198.80.77 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pd.trysera.com/p/14798289721645596692 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.198.80.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-198-80-77.compute-1.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 7699a6f35c072c50fc6d8de4f58e7e5fc53a21ab4f51f617491232fcc24a757e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ Response headers date Tue, 30 Nov 2021 11:17:48 GMT content-type text/html; charset=utf-8 content-length 894 cache-control private content-encoding gzip vary Accept-Encoding server Microsoft-IIS/8.5 x-aspnet-version 4.0.30319 x-powered-by ASP.NET access-control-allow-origin * access-control-expose-headers x-td-md5
GET H2	200	pubads_impl_2021111601.js Show response securepubads.g.doubleclick.net/gpt/	344 KB 116 KB	45ms 44ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software sffe / Resource Hash 3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:48 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 118471 x-xss-protection 0 last-modified Tue, 16 Nov 2021 09:34:07 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 30 Nov 2021 11:17:48 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	116 B 126 B	95ms 49ms	XHR application/json	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=v6q9s5t8.ssl.hwcdn.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash dab7d029b4502eb3289f4c57a1b16de9d936cbd6b487bcc9d21d22818bef113c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Tue, 30 Nov 2021 11:17:48 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 101 x-xss-protection 0 expires Tue, 30 Nov 2021 11:17:48 GMT
GET H/1.1	403 Forbidden	ados engine.wearetopple.com/	0 0	203ms 104ms	Script text/html	52.203.28.91 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://engine.wearetopple.com/ados?t=1638271068821&request=%7B%22Placements%22%3A%5B%7B%22A%22%3A10795%2C%22S%22%3A1169845%2C%22D%22%3A%22azk952272%22%2C%22AT%22%3A4185%7D%2C%7B%22A%22%3A10795%2C%22S%22%3A1169845%2C%22D%22%3A%22azk445888%22%2C%22AT%22%3A43%7D%2C%7B%22A%22%3A10795%2C%22S%22%3A1169845%2C%22D%22%3A%22azk793048%22%2C%22AT%22%3A43%7D%2C%7B%22A%22%3A10795%2C%22S%22%3A1169845%2C%22D%22%3A%22azk308340%22%2C%22AT%22%3A43%7D%2C%7B%22A%22%3A10795%2C%22S%22%3A1169845%2C%22D%22%3A%22azk947209%22%2C%22AT%22%3A5%7D%2C%7B%22A%22%3A10795%2C%22S%22%3A1169845%2C%22D%22%3A%22azk447888%22%2C%22AT%22%3A5%7D%2C%7B%22A%22%3A10795%2C%22S%22%3A1169845%2C%22D%22%3A%22azk462965%22%2C%22AT%22%3A5%7D%2C%7B%22A%22%3A10795%2C%22S%22%3A1169845%2C%22D%22%3A%22azk480289%22%2C%22AT%22%3A5%7D%2C%7B%22A%22%3A10795%2C%22S%22%3A1169845%2C%22D%22%3A%22azk284560%22%2C%22AT%22%3A5%7D%2C%7B%22A%22%3A10795%2C%22S%22%3A1169845%2C%22D%22%3A%22azk290312%22%2C%22AT%22%3A4%7D%2C%7B%22A%22%3A10795%2C%22S%22%3A1169845%2C%22D%22%3A%22azk574904%22%2C%22AT%22%3A4%7D%2C%7B%22A%22%3A10795%2C%22S%22%3A1169845%2C%22D%22%3A%22azk614239%22%2C%22AT%22%3A123%7D%2C%7B%22A%22%3A10795%2C%22S%22%3A1169845%2C%22D%22%3A%22azk804904%22%2C%22AT%22%3A4%7D%5D%2C%22Keywords%22%3A%22undefined%22%2C%22Referrer%22%3A%22%22%2C%22IsAsync%22%3Atrue%7D Requested by Host: engine.wearetopple.com URL: https://engine.wearetopple.com/ados.js Protocol HTTP/1.1 Server 52.203.28.91 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-203-28-91.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / adzerk bifrost/ Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Tue, 30 Nov 2021 11:17:48 GMT Server nginx/1.18.0 (Ubuntu) x-powered-by adzerk bifrost/ ETag W/"24-t+bSeUHuHMoKUFeQFghQ8evld68" Access-Control-Allow-Methods GET, PUT, POST, DELETE, OPTIONS Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin undefined Expires 0 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version Content-Length 36 x-served-by bifrost-production-shard001-us-east-1e-i-0486f3649415827bd
GET DATA	200 OK	truncated /	121 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	newspaper.woff v6q9s5t8.ssl.hwcdn.net/wp-content/themes/Newspaper/images/icons/	24 KB 25 KB	546ms 499ms	Font application/x-font-woff	69.16.175.10 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://v6q9s5t8.ssl.hwcdn.net/wp-content/themes/Newspaper/images/icons/newspaper.woff?19 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: https://v6q9s5t8.ssl.hwcdn.net/wp-content/themes/Newspaper/style.css?ver=11.2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS hwcdn.net Software / Resource Hash ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd Request headers Referer https://v6q9s5t8.ssl.hwcdn.net/wp-content/themes/Newspaper/style.css?ver=11.2 Origin http://v6q9s5t8.ssl.hwcdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 30 Nov 2021 11:17:49 GMT Last-Modified Mon, 27 Sep 2021 18:55:20 GMT ETag "1632768920" X-HW 1638271068.dop010.am5.t,1638271068.cds118.am5.shn,1638271068.dop010.am5.t,1638271068.cds125.am5.sr,1638271069.dop043.mi1.r,1638271069.cds206.mi1.c,1638271069.cds125.am5.pr Content-Type application/x-font-woff Access-Control-Allow-Origin * Cache-Control max-age=28 Connection Keep-Alive Accept-Ranges bytes Content-Length 24864
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	122ms 39ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://v6q9s5t8.ssl.hwcdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 26 Nov 2021 13:39:48 GMT x-content-type-options nosniff age 337080 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 26 Nov 2022 13:39:48 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	16 KB 16 KB	161ms 78ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://v6q9s5t8.ssl.hwcdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 14:02:00 GMT x-content-type-options nosniff age 594948 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 23 Nov 2022 14:02:00 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v27/	44 KB 44 KB	177ms 94ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://v6q9s5t8.ssl.hwcdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 26 Nov 2021 13:52:02 GMT x-content-type-options nosniff age 336346 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44656 x-xss-protection 0 last-modified Thu, 28 Oct 2021 00:30:43 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 26 Nov 2022 13:52:02 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	134ms 133ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://v6q9s5t8.ssl.hwcdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 24 Nov 2021 17:56:19 GMT x-content-type-options nosniff age 494489 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 24 Nov 2022 17:56:19 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	123ms 38ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-36867927-4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 1002 date Tue, 30 Nov 2021 11:01:07 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 30 Nov 2021 13:01:07 GMT
POST H/1.1	200 OK	data Show response aorta.clickagy.com/	57 B 711 B	420ms 121ms	XHR application/json	52.203.137.199 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://aorta.clickagy.com/data Requested by Host: tags.clickagy.com URL: https://tags.clickagy.com/data.js?rnd=615336c9488ee Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.203.137.199 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-203-137-199.compute-1.amazonaws.com Software Aorta/20211029.2f91d75 / Resource Hash b1d02c301a2d7d002d156f09c2998b64cfa9ff56993563a39cb9559b979e6820 Request headers Referer http://v6q9s5t8.ssl.hwcdn.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 30 Nov 2021 11:17:49 GMT content-encoding gzip server Aorta/20211029.2f91d75 access-control-max-age 31536000 access-control-allow-methods POST, GET, OPTIONS Content-Type application/json access-control-allow-origin http://v6q9s5t8.ssl.hwcdn.net access-control-expose-headers Set-Cookie cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true X-Aorta-Region us-east-1 Connection keep-alive X-Aorta-Host ip-10-42-23-72.ec2.internal access-control-allow-headers Origin,cache-control,content-type,man,messagetype,soapaction Content-Length 82
GET H2	200	hasHashes Show response portal.clickagy.com/external/	2 B 535 B	437ms 427ms	XHR application/json	2606:4700::6812:1ecd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://portal.clickagy.com/external/hasHashes?clkgypv=jstag Requested by Host: tags.clickagy.com URL: https://tags.clickagy.com/data.js?rnd=615336c9488ee Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1ecd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.11 Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:49 GMT cf-cache-status DYNAMIC server cloudflare access-control-allow-headers Origin,cache-control,content-type,man,messagetype,soapaction x-powered-by PHP/7.4.11 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/json access-control-allow-origin http://v6q9s5t8.ssl.hwcdn.net cache-control no-cache="set-cookie" access-control-allow-credentials true cf-ray 6b63abe56db5020d-ZRH alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 2
GET H2	451	420246.gif idsync.rlcdn.com/ Redirect Chain https://aorta.clickagy.com/pixel.gif?clkgypv=jstag https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:8291b7795f5a6a3abf10608dceb26d27&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:8291b7795f5a6a3abf10608dceb26d27&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_U... https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=11181928736217032644596897826685319964 https://idsync.rlcdn.com/420246.gif?partner_uid=c:8291b7795f5a6a3abf10608dceb26d27	0 66 B	54ms 19ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/420246.gif?partner_uid=c:8291b7795f5a6a3abf10608dceb26d27 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H2 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:49 GMT via 1.1 google alt-svc clear content-length 0 Redirect headers date Tue, 30 Nov 2021 11:17:49 GMT server Aorta/20211029.2f91d75 access-control-allow-origin access-control-max-age 31536000 access-control-allow-methods POST, GET, OPTIONS Content-Type application/json Location https://idsync.rlcdn.com/420246.gif?partner_uid=c:8291b7795f5a6a3abf10608dceb26d27 access-control-expose-headers Set-Cookie cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true X-Aorta-Region us-east-1 Connection keep-alive X-Aorta-Host ip-10-42-21-164.ec2.internal access-control-allow-headers Origin,cache-control,content-type,man,messagetype,soapaction Content-Length 0
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/	347 KB 136 KB	121ms 37ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6LfzKLQUAAAAAArbZSkaOmiQQ7L7sbNLrrqi7T7K&ver=3.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://v6q9s5t8.ssl.hwcdn.net/ Origin http://v6q9s5t8.ssl.hwcdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:06:38 GMT content-encoding gzip x-content-type-options nosniff age 671 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 138691 x-xss-protection 0 last-modified Mon, 15 Nov 2021 05:04:02 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Wed, 30 Nov 2022 11:06:38 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	151ms 48ms	Script application/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=v6q9s5t8.ssl.hwcdn.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Tue, 30 Nov 2021 11:17:49 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	131ms 45ms	Script application/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=v6q9s5t8.ssl.hwcdn.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Tue, 30 Nov 2021 11:17:49 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	4 KB 2 KB	80ms 80ms	XHR text/plain	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2280480222904421&correlator=2480858035339087&output=ldjh&impl=fifs&eid=44752541&vrg=2021111601&ptt=17&sc=0&sfv=1-0-38&ecs=20211130&iu_parts=90033693%2Cgat&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&cookie_enabled=1&bc=23&abxe=1&lmt=1638271069&dt=1638271069066&dlt=1638271068096&idt=947&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3798492010&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fv6q9s5t8.ssl.hwcdn.net%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=309163250.1638271069&ga_sid=1638271069&ga_hid=366738079&ga_fc=false&fws=2&ohw=0&btvi=-1&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash 892751caf63a43ac4e8c5a2d181a8688129c5ac0c0295dcb577dbc25b288579a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:49 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2319 x-xss-protection 0 google-lineitem-id 5196779904 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138290812622 content-type text/plain; charset=UTF-8 access-control-allow-origin http://v6q9s5t8.ssl.hwcdn.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	221 KB 22 KB	174ms 173ms	XHR text/plain	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2280480222904421&correlator=2480858035339087&output=ldjh&impl=fifs&eid=44752541&vrg=2021111601&ptt=17&sc=0&sfv=1-0-38&ecs=20211130&iu_parts=195106289%2CGD-wide-728-max%2CGD-header-menu%2CGD-square-1%2CGD-square-2%2CGD-square-3%2CGD-square-4%2CGD-square-5%2CGD-squre-6%2CGD-square-7%2CGD-square-side%2CGD-wide-Article-bottom%2CGD-wide-Article-top&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12&prev_iu_szs=320x50%7C728x90%2C320x50%7C970x90%7C728x90%2C300x250%7C320x50%2C320x50%7C300x250%2C320x50%7C300x250%2C300x250%7C320x50%2C300x250%7C320x50%2C320x50%7C300x250%2C300x250%7C320x50%2C300x250%2C320x50%7C728x90%2C320x50%7C728x90&cookie_enabled=1&bc=23&abxe=1&lmt=1638271069&dt=1638271069070&dlt=1638271068096&idt=947&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C640%2C266%2C638%2C1010%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C201%2C696%2C696%2C696%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=3184010176%2C2618430259%2C1475308795%2C1277332689%2C2689354670%2C3201177764%2C3256543468%2C439315326%2C63041491%2C369881665%2C1100204748%2C1531350044&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fv6q9s5t8.ssl.hwcdn.net%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C1560x0%7C324x0%7C324x0%7C324x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C1560x0%7C324x0%7C324x0%7C324x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=309163250.1638271069&ga_sid=1638271069&ga_hid=366738079&ga_fc=false&fws=2%2C4%2C4%2C4%2C4%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C1600%2C1600%2C1600%2C1600%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=-1%7C0%7C0%7C0%7C0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash 649f56b9fd941d540fc08d4a0f1cd42b5089a7c003f64a10b8612ab8b69f95de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:49 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22492 x-xss-protection 0 google-lineitem-id 5375077657,4635842110,5806204288,4635847198,5804982423,5806203757,5806903919,5806197754,-2,-2,-2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138318476335,138369391086,138366597825,138369519134,138367026037,138366602288,138366597402,138367025665,-2,-2,-2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin http://v6q9s5t8.ssl.hwcdn.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 932a022413f35073696582dc1caed286.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 528E	6 KB 4 KB	163ms 47ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://932a022413f35073696582dc1caed286.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Tue, 30 Nov 2021 11:17:49 GMT expires Wed, 30 Nov 2022 11:17:49 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	td.gif pd.trysera.com/ Frame 0328 Redirect Chain https://p.alocdn.com/c/qj8p4136/a/xtarget/p.gif?label=746490318 https://p.alocdn.com/c/qj8p4136/a/xtarget/p.gif?tdc=1&url=https%3A%2F%2Fpd.trysera.com%2F&label=746490318 https://pd.trysera.com/td.gif?md5=none&label=746490318	68 B 263 B	100ms 99ms	Image image/png	34.198.80.77 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pd.trysera.com/td.gif?md5=none&label=746490318 Requested by Host: pd.trysera.com URL: https://pd.trysera.com/p/14798289721645596692 Protocol H2 Server 34.198.80.77 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-198-80-77.compute-1.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pd.trysera.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:49 GMT server Microsoft-IIS/8.5 x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type image/png access-control-allow-origin * access-control-expose-headers x-td-md5 cache-control private content-length 68 Redirect headers location https://pd.trysera.com/td.gif?md5=none&label=746490318 date Tue, 30 Nov 2021 11:17:49 GMT cache-control no-cache, no-store, must-revalidate, max-age=0 server Jetty(9.4.33.v20201020) content-length 0
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	88ms 43ms	XHR text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=366738079&t=pageview&_s=1&dl=http%3A%2F%2Fv6q9s5t8.ssl.hwcdn.net%2F&ul=en-us&de=UTF-8&dt=Home%20-%20GAT%20Daily%20(Guns%20Ammo%20Tactical)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1525226881&gjid=2110457360&cid=309163250.1638271069&tid=UA-36867927-4&_gid=562256580.1638271069&_r=1&gtm=2ouba1&z=596143582 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://v6q9s5t8.ssl.hwcdn.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 30 Nov 2021 11:17:49 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://v6q9s5t8.ssl.hwcdn.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame EFA9	0 0	75ms 75ms	Fetch image/gif	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAq4dyWlCRdNeyIz6RN0EOd4rF5NquIipE1RKnKF2kbjSEflv_eQhGeFCDXUImiWC_qF377c7BbRFRVLka5lrzvKEVO_EGjXMX-LcbrGzYWujSDjetJb3dgySz0BNcbNosXj94fnYZAhg44VIQJYH_0iVdH96pfOzCIRlq0Jkbiz8rBoasOFjj50GWU-W8kpDh0pgXtGUSpxaDJCD9xT4qlcI6jxg3s4drTMzkFAsnLGyrLG261mx4YuVSrcudf2SeiETCV1wyY8_C0cpCS5iGUDB90WfniVMufdmEZOlsglZhzEp9IBiOdeWVehIfPg&sai=AMfl-YQKTDsaWzSwoJkUXn0qygaYfV7vESPaS3SBvcoNYwj-MOV-6us0kiL-7G5qFk2SMio9nu2p1Ko9Y1xUMUZGeSSmCV9RJFssl_B1lSBX2fjeeUt2Q7Sh73EGuq8kUqU&sig=Cg0ArKJSzKlsiPgW5C6vEAE&uach_m=[UACH]&adurl= Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Tue, 30 Nov 2021 11:17:49 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 30 Nov 2021 11:17:49 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame EFA9	2 KB 2 KB	135ms 37ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:13:53 GMT content-encoding gzip x-content-type-options nosniff age 236 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1332 x-xss-protection 0 server cafe etag 3351516697335751560 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 14 Dec 2021 11:13:53 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame EFA9	119 KB 37 KB	144ms 59ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:49 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 30 Nov 2021 11:17:49 GMT
GET H/1.1	204 No Content	l www.google.com/ads/measurement/ Frame EFA9	0 0	82ms 46ms	Image text/html	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://www.google.com/ads/measurement/l?ebcid=ALh7CaThAXv9VtqQVOfTj8ClMND8e_ABfGaWGEJAklCHWLOyQ0Dqu0nbhoQt5T01q6U_7Xif1bqSZXcaZ3hdtcv7KokxmSU_jQ Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol HTTP/1.1 Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers
GET H2	200	8902461504604944973 tpc.googlesyndication.com/simgad/ Frame EFA9	35 KB 35 KB	287ms 189ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8902461504604944973 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8254c3706a30675c279d366d864f25b44b51a7798dcd622f3cb1f546d42cc08a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:49 GMT x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35462 x-xss-protection 0 last-modified Fri, 29 Oct 2021 11:18:08 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 30 Nov 2022 11:17:49 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 447 B	57ms 18ms	XHR text/plain	2a00:1450:400c:c06::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36867927-4&cid=309163250.1638271069&jid=1525226881&gjid=2110457360&_gid=562256580.1638271069&_u=YAhAAUAAAAAAAC~&z=1922069418 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://v6q9s5t8.ssl.hwcdn.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 30 Nov 2021 11:17:49 GMT content-type text/plain access-control-allow-origin http://v6q9s5t8.ssl.hwcdn.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 6EAF	0 0	75ms 75ms	Fetch image/gif	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstJMhouyIkwxN8CtxrZf7XhGQ2EaRqgyF90SuPPAjK_tZpiV9srZn4quaF9nd3stnyfPKK-GUXtnk_ug3MIo4sLHDCvUxaju9kDzjLG-4g_ICzZa8yQbYjMxINvyChUeniv589AD_coPNdj3TGFAQtW235voFxDmJtyu9iaJrVEAZyeQYaDV16uExtRF29CR-yuqid0EiJrta2LLDsrqhkGhjMKXw6gizbam_NQg2UtTlfhHxRiRDL0cRpAcKgG5GYQIyNYxVoyNu57x9_gPyRCAuMil5hoDI6dfHgkYmltb0eIT0spVYUIpM9MR8RLKA&sai=AMfl-YQshmsmvKpZKislQdEP_MIzTItjF4FAuJZou4G5cbYCd3o-BIY-wz6Gjn6p8UnZ-EUuLFPFLGKdw2OpYfjKbxTBj56_c88vss76fWNuEBw48-6NTGcJ9PZR3rQzVj0&sig=Cg0ArKJSzNRl9PM_ZjkmEAE&uach_m=[UACH]&adurl= Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Tue, 30 Nov 2021 11:17:49 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 30 Nov 2021 11:17:49 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 6EAF	2 KB 1 KB	112ms 37ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:13:53 GMT content-encoding gzip x-content-type-options nosniff age 236 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1332 x-xss-protection 0 server cafe etag 3351516697335751560 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 14 Dec 2021 11:13:53 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 6EAF	119 KB 36 KB	202ms 141ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:49 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 30 Nov 2021 11:17:49 GMT
GET H/1.1	204 No Content	l www.google.com/ads/measurement/ Frame 6EAF	0 0	82ms 46ms	Image text/html	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://www.google.com/ads/measurement/l?ebcid=ALh7CaTuX0setQh6Zg8ri8aDHvcrcP-VgOwUcjx2BqfWwEcrp-XsRbR4hmXMV4xb_MaWX67s_8xpjcXsR-ZvzvppeMl3pnNdFQ Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol HTTP/1.1 Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers
GET H2	200	12261963417644318013 tpc.googlesyndication.com/simgad/ Frame 6EAF	91 KB 92 KB	236ms 163ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12261963417644318013 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2b340e680675a6241ef2f2b327c39852426a19b0f0b4b5c9ee90b8b7a52b3ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 23:49:14 GMT x-content-type-options nosniff age 386915 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 93595 x-xss-protection 0 last-modified Wed, 06 Oct 2021 21:53:56 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 25 Nov 2022 23:49:14 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 50CD	0 0	75ms 74ms	Fetch image/gif	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssclixmSTMPMCQosWzqhxxMnc8R6wfb2GpNKuqnZZF4k_8XSRi8cjSHkwJ7ShXuAZ1NHZyOf6WogJrfj9bQQ6HxxwoL4e721I1EK8okQU9oRYKZFkCz-Q7Wb-UScllJ5HM6557rB1D5tXeZRY8UzkeCpx2ka4pM7LQ4WDqNsVZGSqRNEDZKnQeuS0T5jCJTMm4H7PXZHxEu-SeWRM9YTqJL7SsTxczwzXCdRn6KvnexbbUK8yoH16Uy1rn_GHn6qLdsnenEsbM9iPwmhxv69k_R0hAHmbCJyB7epRjcXhiv_PlCI6Hh2ifu6g77BQ&sai=AMfl-YRJV-5eZr_pwzz7Bsb2oJe7V7AeGyjJ3jfBklVJK4GANzbXR6uhXk75GJOK5oKam6oW9HX1Ghk80bQyQeKE_ujS00S8WUGiKqH-4jmksAkKj6PZu_4i8h_xssQPazI&sig=Cg0ArKJSzIj_-w0ue9cNEAE&uach_m=[UACH]&adurl= Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Tue, 30 Nov 2021 11:17:49 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 30 Nov 2021 11:17:49 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 50CD	2 KB 1 KB	107ms 39ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:13:53 GMT content-encoding gzip x-content-type-options nosniff age 236 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1332 x-xss-protection 0 server cafe etag 3351516697335751560 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 14 Dec 2021 11:13:53 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 50CD	119 KB 36 KB	169ms 114ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:49 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 30 Nov 2021 11:17:49 GMT
GET H/1.1	204 No Content	l www.google.com/ads/measurement/ Frame 50CD	0 0	82ms 47ms	Image text/html	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://www.google.com/ads/measurement/l?ebcid=ALh7CaS8eUAsuVRA_ecqhtQ3b0e9hVTqDCMNXBkPKas7FRMzbTJYM7Uj_TND3f75EgMamqc9kYqo6CgG_IF0HbSgOkoAzqBwxA Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol HTTP/1.1 Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers
GET H2	200	10435720678568549399 tpc.googlesyndication.com/simgad/ Frame 50CD	61 KB 61 KB	152ms 96ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/10435720678568549399 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a56af874cf60130601f58f58a5581a6a1308f83a00b8501442fc29f6e3be7f6c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 26 Nov 2021 04:50:12 GMT x-content-type-options nosniff age 368857 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62196 x-xss-protection 0 last-modified Sat, 30 Oct 2021 01:21:09 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 26 Nov 2022 04:50:12 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 7FC6	0 0	74ms 73ms	Fetch image/gif	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLVoeylYuekrBynYFCU-35mO0cTSVuFXEfLdlX5vmZB_mUuVtvraMK_Q-fVwdzQ6bz4Yzs621-ZF4nbMJZ4iYb-TJqGP8sAmK8ZNYx3xJOe41AzuJx9DOhLNGepNh4idKUJo50ytqZSQMYOJPGrOALSDZTESypI06s4Mib5DeNmMnSZefZVjnem3Dt-7KzdBTiH9MnSu4HWaYumTfbKQHlYFyBwGJByZeagvxGntpvjeBfbuDq4tv5mH9S56kTHLpGQeaiuHFwagNNqhdpZnKsDUhAE1K0nRVDZ-iiyt_xBKAqor_BVXmDWcx39Q&sai=AMfl-YQpkpM6LK4crgye7bho8pCqy2vjyh4RxWF6dYskEVtRkRBSpU5Q_U_bg844x0-p5iRQ4M_ka4QGtgG8C9QWb6d7sFlhHvcFiqEhFbFigeP4arSrm8Kms0KpilH0a_0&sig=Cg0ArKJSzMxA0XmLkrDREAE&uach_m=[UACH]&adurl= Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Tue, 30 Nov 2021 11:17:49 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 30 Nov 2021 11:17:49 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 7FC6	2 KB 1 KB	186ms 186ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:13:53 GMT content-encoding gzip x-content-type-options nosniff age 236 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1332 x-xss-protection 0 server cafe etag 3351516697335751560 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 14 Dec 2021 11:13:53 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 7FC6	119 KB 36 KB	212ms 163ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:49 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37119 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1636547677202025" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 30 Nov 2021 11:17:49 GMT
GET H2	200	5752570323733671827 tpc.googlesyndication.com/simgad/ Frame 7FC6	81 KB 82 KB	96ms 40ms	Image image/jpeg	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/5752570323733671827 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2190f405bdc95c60d34f3a911ebe0dac4e8188bd0309a691d40b5a5f39af2774 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 23:49:14 GMT x-content-type-options nosniff age 386915 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 83194 x-xss-protection 0 last-modified Wed, 06 Oct 2021 21:57:20 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 25 Nov 2022 23:49:14 GMT
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame 6293	7 KB 1 KB	102ms 53ms	Document text/html	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzKLQUAAAAAArbZSkaOmiQQ7L7sbNLrrqi7T7K&co=aHR0cDovL3Y2cTlzNXQ4LnNzbC5od2Nkbi5uZXQ6ODA.&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=bqblspikad4v Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 88722c72f61df47c1fa6b82f9933997851133a2e04d4a09f8a2e4a1a2de59546 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-ZlK5zxIWxSQ9prvFNprhvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-security-policy script-src 'report-sample' 'nonce-ZlK5zxIWxSQ9prvFNprhvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 content-encoding gzip date Tue, 30 Nov 2021 11:17:49 GMT expires Tue, 30 Nov 2021 11:17:49 GMT cache-control private, max-age=0 x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1042 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	105ms 63ms	Image image/gif	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36867927-4&cid=309163250.1638271069&jid=1525226881&_u=YAhAAUAAAAAAAC~&z=1800635335 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Tue, 30 Nov 2021 11:17:49 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	143ms 64ms	Image image/gif	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36867927-4&cid=309163250.1638271069&jid=1525226881&_u=YAhAAUAAAAAAAC~&z=1800635335 Requested by Host: v6q9s5t8.ssl.hwcdn.net URL: http://v6q9s5t8.ssl.hwcdn.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Tue, 30 Nov 2021 11:17:49 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 6293	51 KB 24 KB	81ms 37ms	Stylesheet text/css	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzKLQUAAAAAArbZSkaOmiQQ7L7sbNLrrqi7T7K&co=aHR0cDovL3Y2cTlzNXQ4LnNzbC5od2Nkbi5uZXQ6ODA.&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=bqblspikad4v Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 10:38:31 GMT content-encoding gzip x-content-type-options nosniff age 2358 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24065 x-xss-protection 0 last-modified Mon, 15 Nov 2021 05:04:02 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Wed, 30 Nov 2022 10:38:31 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 6293	347 KB 135 KB	100ms 56ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzKLQUAAAAAArbZSkaOmiQQ7L7sbNLrrqi7T7K&co=aHR0cDovL3Y2cTlzNXQ4LnNzbC5od2Nkbi5uZXQ6ODA.&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=bqblspikad4v Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:06:38 GMT content-encoding gzip x-content-type-options nosniff age 671 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 138691 x-xss-protection 0 last-modified Mon, 15 Nov 2021 05:04:02 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Wed, 30 Nov 2022 11:06:38 GMT
GET DATA	200 OK	truncated / Frame EFA9	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 899d133ab9eea754304ca9625580663b17eda5466d919c0bc20b15551e0fec21 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 50CD	0 0	74ms 74ms	Fetch image/gif	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhsfv7OGqeBXu-L6xEVoLf6bvOaHtmKIoRmnw5ksa1H_U0boLdjggbk0BP0rvgtuCu9D-pvsi5ocoQisZlBeelEbDotCf2ql5F8e6mu24pdDdbREkXzucLKl5CEI_AbU1sFC85tpLPgIuKguKNqtjzyza-_kO5BgFtJBlGhbfqSSg7RUDZxYkFkJ-esPp3QbsEFOWZVWLlIQ6dpZcBgLWTAru0IcfCI_TWZixqiAFuugBwkAZB8EmCN5jH0qslYyQC9D3UszAUqwGmRid7KMfySidaXjcBcpjJitE7uD7slDa4hDfGRhfoeW5JQwzn&sai=AMfl-YRiBwoeVaGVsX5qZbR9gMj5eZv9l63GN3RMaV8JbynrXp-_cpKSn8dl6gz2PwNnftPFxLFBs39g4QJJqmgig460dHBNGx5c9NnmtM939XoUvbjEeRLeup9AZ3dzJ_o&sig=Cg0ArKJSzD6-Rp8i_k-9EAE&uach_m=[UACH]&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Tue, 30 Nov 2021 11:17:49 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 30 Nov 2021 11:17:49 GMT
GET DATA	200 OK	truncated / Frame 50CD	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5d7a8153d773a4adf4f623590e26f0c989a3067416e33e2dffe7ad15cfc1f537 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 6EAF	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2317f8b9eddc0053ab98c9ac10fd9165ff418aee491b782d4637715e70e7c398 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 7FC6	0 0	73ms 73ms	Fetch image/gif	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUrSuNOwYliBkyEJQyIagHwlhk7m8ayP10IQmt6EV53NxCylEpo1n3wyIE_QKb9MKxD67FBfEzjxu5rbGBJQltu4DHWTHjLTcVs5u8qc7-dJMbtDHp7_NdQnH8jmfXpfcE2q8sQTs1jqSEBBgzWbEu4V68gs59rQ9Fy85eeEn7GFWiEXO872ctohOjJIxSG6OTTudo-2KtGvKGn7Pz7xzQWrNjpEaJ2kj__avzi72apbzw8uPdYqFRv83IrvUVSMVAU0MMbsh5Q5BPBVijkogv-frBQEwZcncpV_4XEzCdRBsvHINdq0D6IG577LQv&sai=AMfl-YS8d8klGLZOTo17ababJc6htZzd5nmKS_pIU1qz83dTSxnX8beIOV_RWliOCHDV8GFlWD0AmMGDbwTMie6HqvjVguzkp_UkK89ZICYaXaQZxqMfo_5MMolKvftnCNM&sig=Cg0ArKJSzL0UJ31udgnBEAE&uach_m=[UACH]&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Tue, 30 Nov 2021 11:17:49 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 30 Nov 2021 11:17:49 GMT
GET DATA	200 OK	truncated / Frame 7FC6	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3c964e53c5ea78fd0d421ad2db46076b7821a5f5ea70f9ed9a6b59278523f6ea Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 6EAF	0 0	74ms 73ms	Fetch image/gif	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTN8-K1TMEWlX1Y400K6r7LucIY9Vq6wxv11pz54NN95pD8I7HdG7Gjzo_k5UZu_jcn44Bqf5LMY4XrJfbwv90KBfVuz0DExqGieny4EJVy7zREOhWjufyg60Bnok2tzN-bR9OmHUxWrjJ4btrI6-fyFD3jIpi88QU2J2Z28Vzfao_BdW4Di8ZWfFftwMqautmKqMkF-zM-daPobL9_CVmaWx5iTjCOu9RVRR4Tebl_A3R8dJyM543P5FDCxbGAtrWnFs1uHyVrUvQbKWhmosYt-KfHBS0kq0oXE1wIBfvf9SnewTlUXEwVRNxgjUOBGJy1w&sai=AMfl-YSXLagBAsDECU8J4RayfxP0q4oqShmY1iEmhK0Aj3hYbPdqbGtrK0h0o5Zq1n9wsxDA_C7BNLLCZy3eCT9zkBFHM70zh06IRVOskRZK3YGiiSPkqHFjENzrAdQe6CU&sig=Cg0ArKJSzG4B2FBlpggwEAE&uach_m=[UACH]&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Tue, 30 Nov 2021 11:17:49 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 30 Nov 2021 11:17:49 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame EFA9	0 0	74ms 73ms	Fetch image/gif	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupevhhOvK7gTwNT21F2zdzmXJ86gG8TFArOX3oaRXrULHNabOb_yATQRlohM8XWV-m-gCumahMV98e1KLFg_XkUVysVM9AMupq0a3sa8Wx4S6zP2O611kW3ryTByF_zaOIeKT2IIf4_Whd-S-5ZzOSsVfHDtKY0ndV8nVTtpO039oUQnxpMfQCYJfoLG7MJDuwX-uygPCFLh4RNR-cgl5VJyl3ixAy0nQXzKpCLLIdF6T7-LVSASxdZwuzpul3w3bzJTPmMUtZxD8ppsQTIWJAP_fh4k_b6sIkvQiaJ3mqSW0FGxdkkawhW0rj4zGq5Uhu&sai=AMfl-YTYr2LRUSFHu5JEcjZrA_BgFdU4J1drTfCVuaWlgw5pVj83yRhwUcrlZMK1kOFDypCAYi0wh2HTwnyeJclYuSgXGBS4W_pphEcwIMB0sDZKuRS2zd2iFgxjyjta7Zw&sig=Cg0ArKJSzD8-ZMyP7bSsEAE&uach_m=[UACH]&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Tue, 30 Nov 2021 11:17:49 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Tue, 30 Nov 2021 11:17:49 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 6293	2 KB 2 KB	37ms 36ms	Image image/png	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 24 Nov 2021 03:05:30 GMT x-content-type-options nosniff age 547939 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Wed, 01 Dec 2021 03:05:30 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 6293	15 KB 15 KB	86ms 39ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzKLQUAAAAAArbZSkaOmiQQ7L7sbNLrrqi7T7K&co=aHR0cDovL3Y2cTlzNXQ4LnNzbC5od2Nkbi5uZXQ6ODA.&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=bqblspikad4v Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 17:06:41 GMT x-content-type-options nosniff age 583868 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 23 Nov 2022 17:06:41 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	12 KB 9 KB	138ms 54ms	XHR application/json	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7176f28ff27a8cdd4bed69b9df5fd6d0c50f2efb920b8e82dcd84bbfe1624c6d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers timing-allow-origin * date Tue, 30 Nov 2021 11:17:50 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9164 x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	103ms 54ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 30 Nov 2021 11:17:50 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Tue, 30 Nov 2021 11:17:50 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame 64D4	12 KB 5 KB	39ms 39ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Tue, 30 Nov 2021 11:12:50 GMT expires Wed, 30 Nov 2022 11:12:50 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame F4CD	783 B 535 B	50ms 50ms	Document text/html	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash dc324cfe13e75916f9cc67e7eca6a06f46d4e26f9ab294694970dbfa109e279b Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-+8FKf5bBPNXlOfg23MT/tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Tue, 30 Nov 2021 11:17:50 GMT date Tue, 30 Nov 2021 11:17:50 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-+8FKf5bBPNXlOfg23MT/tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame F4CD	0 0	134ms 89ms	Image text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=2280480222904421&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers
GET H3	200	Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response pagead2.googlesyndication.com/bg/ Frame 64D4	35 KB 13 KB	79ms 37ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 29 Nov 2021 14:13:02 GMT content-encoding br x-content-type-options nosniff age 75888 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13476 x-xss-protection 0 last-modified Mon, 08 Nov 2021 11:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 29 Nov 2022 14:13:02 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	73ms 73ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=2280480222904421&bg=!np2lndnNAAZQLpa_UC47ACkAdvg8WhxX0EHbz7STFMqpieLnTEDkkO0S0lC55PhGyQkhCcmyETKARwIAAABlUgAAAAtoAQeZAoUudRKPwzJFjyWsu0wlMWbLRa9fMfIY9PKiWLM4LDBAqpKkcSxykDaQbHMQZk8HOIYxLL3UyQ94O5kzq6SWQIaUtxQIKt1AnuqP8LiEqQ6euDks8XMPp6Nbj0uQXKgaEEPV9kqb3GM3mm2Udwc4NPMtNd9NDzjym4sdLTI2uWJGvmWApB5RASKt8MsRuWUvMU7_UlV438Dv4-FOz9RqJhQQWGEdnHo17qsTNkA4aX7Vo9wJGPNw_fH-0XL71RQ6PDH3tZc57twb22E98FYkHI1PM24BH56XdZQ8e-VBFu_a6r8PQXVNPEc-aL4W4_i8ceQdnAVL7eDL-jxCLLMK5H489epWWX7mMJtX4EEFtSAEv7DOAYwkvs3PAVMR8rbHt47tsjno4Mf83kaO2YORvpuQ0wYGvfO9rs4AhjI46OK7iB6HkPWFrI8_EeTgzQbRLsWiKz_hcRVJztVlN1XrEEUhk7X8kFhfB4uRrGDH7rpVyzsfFcLiWmigr01D7usdYKYvF358MnwS_BTU16l1-L68AXz-sgyACZWGAzuRMAMmv6FoH_NnumyQsVbDYtDAiAozMfpfnNE0C-aUK9OowJaS5ntSS8c2ZE8Y6dzNsiJe93jvWuQc6OBD7wgRT7o2xfIaTJfH9c-KWWfYi26Zxv_ViCmbzkxZnT0PuFrgoTWbYSs-ho-gN-nHQqcckeCOls88gB-lDSxKLS4k8jdoqK7Fw1Pg5JhSY53_6wofMw5ipdhaxVMm741oXwuUnljzpa7dbuljXt-15o4K4krzVGpr-9rnONd3CFUEIR_IBEtHW1hsgx6By9WDZU6X6pWhEJ8GOlczEpNXKGAD5Df2dlp2F99idEA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Tue, 30 Nov 2021 11:17:50 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 50CD	42 B 64 B	118ms 72ms	Fetch image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstv_ScCNh9tO8z3qJ5Qmt5xEmLSwSdgktWC1iAgZ2iyMd2EtQgoiPS0dLECTjjRqBr7Snxr1Odda1Jg9BZzCYcJ0GfOT2QRDSdT7aEeC73MD0zOt0Mr&sig=Cg0ArKJSzNCRp6XxqBkzEAE&id=lidar2&mcvt=1000&p=786,650,1036,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1277332689&rs=4&la=0&cr=0&vs=4&r=v&rst=1638271069291&rpt=241&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Tue, 30 Nov 2021 11:17:50 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 7FC6	42 B 64 B	83ms 71ms	Fetch image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGv1eLxzULN0LRf3m4J40aeB2xXhpkhuKtf2xPam1rlbJdWnQuf8AlvbVf0AAcWX5j1KBauGtvNrUZf8vCY1O0MoLwwA2AelN-MBpSu3_jekbVPppG&sig=Cg0ArKJSzJIfcDbKAfH3EAE&id=lidar2&mcvt=1000&p=786,1022,1036,1322&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2689354670&rs=4&la=0&cr=0&vs=4&r=v&rst=1638271069298&rpt=275&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Tue, 30 Nov 2021 11:17:50 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame EFA9	42 B 64 B	83ms 72ms	Fetch image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzmI_MlWOe3zSE1LQEsuXt8No4wjkTIl2zO85mXnN6QIoW22x23tRAzV-P3uVvPXXpLXIgkCTS_HqW0EctwZkXgVduXaZBUE6ygTLuc2bqLqzG5t4v&sig=Cg0ArKJSzEMI77dyLlVOEAE&id=lidar2&mcvt=1002&p=201,436,291,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2618430259&rs=4&la=0&cr=0&vs=4&r=v&rst=1638271069260&rpt=320&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Tue, 30 Nov 2021 11:17:50 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 6EAF	42 B 64 B	82ms 72ms	Fetch image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0HzqPKVH0sGtUHgXFqPQgcQjnKtdyhtSVZeFCCaWJ3fjBitdjOpd0vSOa5Hz8_0kU-CjdSCosR14ZsEQ89ETU5XwkQTWFeCag4uczaWltj2k0I7YY&sig=Cg0ArKJSzB2ceal94rVtEAE&id=lidar2&mcvt=1003&p=786,278,1036,578&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1475308795&rs=4&la=0&cr=0&vs=4&r=v&rst=1638271069286&rpt=292&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://v6q9s5t8.ssl.hwcdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Tue, 30 Nov 2021 11:17:50 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT