www.pff.com Open in urlscan Pro
2606:4700:10::6816:ec4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.pff.com/
Effective URL:
https://www.pff.com/
Submission: On May 16 via api (May 16th 2024, 8:38:38 pm UTC) from US — Scanned from DE

Summary HTTP 66 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 66 HTTP transactions. The main IP is 2606:4700:10::6816:ec4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pff.com. The Cisco Umbrella rank of the primary domain is 101248.
TLS certificate: Issued by GTS CA 1P5 on May 9th 2024. Valid for: 3 months.

This is the only time www.pff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	2606:4700:10:... 2606:4700:10::6816:ec4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	13.32.27.116 13.32.27.116	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	146.20.124.69 146.20.124.69	27357 (RACKSPACE) (RACKSPACE)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.32.27.12 13.32.27.12	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:80d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.247.156 35.186.247.156	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	50.17.204.237 50.17.204.237	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:22d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	50.19.89.137 50.19.89.137	14618 (AMAZON-AES) (AMAZON-AES)
66	20

21 2606:4700:10::6816:ec4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dashboard.pff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.pff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-116.fra56.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.20.124.69 (United States)

ASN27357 (RACKSPACE, US)

sportsdata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-12.fra56.r.cloudfront.net

cdn.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:80d8 (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.17.204.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-204-237.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22d6 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 50.19.89.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-89-137.compute-1.amazonaws.com

api.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	pff.com 1 redirects www.pff.com — Cisco Umbrella Rank: 101248 dashboard.pff.com — Cisco Umbrella Rank: 549887 media.pff.com — Cisco Umbrella Rank: 106968	935 KB
9	sprig.com cdn.sprig.com — Cisco Umbrella Rank: 7860 api.sprig.com — Cisco Umbrella Rank: 4242	51 KB
9	gstatic.com fonts.gstatic.com	109 KB
7	google.com cse.google.com — Cisco Umbrella Rank: 3089 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 479	193 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 t.clarity.ms — Cisco Umbrella Rank: 5694 c.clarity.ms — Cisco Umbrella Rank: 1385	29 KB
3	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 1984 heapanalytics.com — Cisco Umbrella Rank: 1452	40 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	3 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9403 prism.app-us1.com — Cisco Umbrella Rank: 9486	8 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	74 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	3 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 231	764 B
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 9557	315 B
1	sentry.io sentry.io — Cisco Umbrella Rank: 158	324 B
1	sportsdata.io sportsdata.io — Cisco Umbrella Rank: 82859	4 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	92 KB
66	15

	Domain	Requested by
15	www.pff.com	1 redirects www.pff.com
9	fonts.gstatic.com	fonts.googleapis.com
8	api.sprig.com	www.pff.com
4	www.google.com	cse.google.com www.google.com
3	t.clarity.ms	www.pff.com
3	media.pff.com	www.pff.com
3	dashboard.pff.com	www.pff.com dashboard.pff.com
2	c.clarity.ms	1 redirects
2	www.facebook.com	www.pff.com
2	heapanalytics.com	www.pff.com
2	cse.google.com	www.pff.com www.google.com
2	connect.facebook.net	www.pff.com connect.facebook.net
2	www.clarity.ms	www.googletagmanager.com www.clarity.ms
2	fonts.googleapis.com	www.pff.com dashboard.pff.com
1	c.bing.com	1 redirects
1	trackcmp.net	diffuser-cdn.app-us1.com
1	clients1.google.com	www.pff.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	sentry.io	www.pff.com
1	diffuser-cdn.app-us1.com	www.pff.com
1	cdn.sprig.com	www.pff.com
1	sportsdata.io	www.pff.com
1	www.googletagmanager.com	www.pff.com
1	cdn.heapanalytics.com	www.pff.com
66	24

This site contains links to these domains. Also see Links.

Domain
premium.pff.com
apps.apple.com
b2b.pff.com
twitter.com
www.facebook.com
www.instagram.com
sportsdata.io
shop.pff.com
www.youtube.com
discord.gg
profootballfocussupport.zendesk.com

Subject Issuer	Validity	Valid
pff.com GTS CA 1P5	`2024-05-09` - `2024-08-07`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.sportsdata.io Go Daddy Secure Certificate Authority - G2	`2023-12-13` - `2025-01-10`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-24` - `2024-05-24`	3 months	crt.sh
api.sprig.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
diffuser-cdn.app-us1.com E1	`2024-03-30` - `2024-06-28`	3 months	crt.sh
sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2024-09-07`	a year	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh
prism.app-us1.com E1	`2024-03-19` - `2024-06-17`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-26` - `2024-08-25`	a year	crt.sh
istio-gateway.sprig.com Amazon RSA 2048 M03	`2024-04-22` - `2025-05-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.pff.com/
Frame ID: 00DA2B5DAE8BB4B9600218581CE0B1EC
Requests: 55 HTTP requests in this frame

Frame: https://dashboard.pff.com/newsletter_signup
Frame ID: BE105F468D04FCB2F1A731AAF4148E80
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NFL, Fantasy Football, and NFL Draft | PFF

Page URL History Show full URLs

http://www.pff.com/ HTTP 307
https://www.pff.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Page Statistics

66
Requests

97 %
HTTPS

62 %
IPv6

15
Domains

24
Subdomains

20
IPs

3
Countries

1538 kB
Transfer

4847 kB
Size

20
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://premium.pff.com/nfl/teams
Title: Premium Stats

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/pff-fantasy-betting-news/id1582525285
Title: The PFF App

Search URL Search Domain Scan URL

URL: https://b2b.pff.com/
Title: PFF for Business

Search URL Search Domain Scan URL

URL: https://premium.pff.com/ncaa/teams
Title: NCAA Premium Stats

Search URL Search Domain Scan URL

URL: https://premium.pff.com/aaf/teams
Title: AAF Premium Stats

Search URL Search Domain Scan URL

URL: https://premium.pff.com/xfl/teams
Title: XFL Premium Stats

Search URL Search Domain Scan URL

URL: https://twitter.com/pff
Title: @PFF

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ProFootballFocus/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/profootballfocus/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/PFF_Fantasy
Title: @PFF_Fantasy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PFF.Fantasy
Title: Fantasy Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/pff_fantasy
Title: Fantasy Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/PFF_College
Title: @PFF_College

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Pro-Football-Focus-College-107571294364458
Title: College Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/pff_college
Title: College Instagram

Search URL Search Domain Scan URL

URL: https://sportsdata.io/

Search URL Search Domain Scan URL

URL: https://shop.pff.com/
Title: PFF Merchandise

Search URL Search Domain Scan URL

URL: https://www.youtube.com/profootballfocus
Title: YouTube

Search URL Search Domain Scan URL

URL: https://discord.gg/e5vcjvNjPs
Title: Discord

Search URL Search Domain Scan URL

URL: https://profootballfocussupport.zendesk.com/hc/en-us/requests/new
Title: Contact Support

Search URL Search Domain Scan URL

URL: https://profootballfocussupport.zendesk.com/hc/en-us
Title: Frequently Asked Questions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.pff.com/ HTTP 307
https://www.pff.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6DCA1B2E61234092A52EE1BA92394501&RedC=c.clarity.ms&MXFR=04361C0B8E2A615D0329088A8A2A6FF9 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6DCA1B2E61234092A52EE1BA92394501&MUID=2FD3557BC98B6C2E31D441FAC8596D60

Request Chain 57

https://www.pff.com/favicon-8a6b12a2a44222760573c46e139b5596.ico?vsn=d HTTP 301
https://www.pff.com/favicon.ico

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.pff.com/
Redirect Chain

http://www.pff.com/
https://www.pff.com/

123 KB
18 KB

734ms
685ms

Document
text/html

2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pff.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5166f63d1b82bc575d19d1763eb79e9e53430786224b55a9ef04f99ce6a5cf1c

Security Headers

Name	Value
Content-Security-Policy	frame-src *.pff.com www.facebook.com www.youtube.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 884e2bf88ad15c85-FRA
content-encoding: br
content-security-policy: frame-src *.pff.com www.facebook.com www.youtube.com
content-type: text/html; charset=utf-8
cross-origin-window-policy: deny
date: Thu, 16 May 2024 20:38:31 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66466ec6-21ccb9a91b81ffe96df5fc11
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.pff.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 109ms
37ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i,900|Barlow+Condensed:500,500i,600,600i,700,700i&display=swap

Requested by

Host: www.pff.com
URL: https://www.pff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca823261d1b41c57b3365c7238e8b93fb41dd2725b8be36c0899ca20e6aa9be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 May 2024 20:38:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 May 2024 20:38:31 GMT

GET
H3 200 styles-865744c06bb316340c34e85d153dc2fb.css
www.pff.com/css/ 474 KB
78 KB 53ms
53ms Stylesheet
text/css 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pff.com/css/styles-865744c06bb316340c34e85d153dc2fb.css?vsn=d
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01c2406a1df95943cf478b15fbe3d30cfd4692fe0357e1d42ad7c58375f6eec6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 May 2024 16:19:52 GMT
server: cloudflare
age: 706719
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 884e2bfd0f885c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 16 May 2025 20:38:31 GMT

GET
H3 200 pff_plus_logo.svg
www.pff.com/images/webui/ 2 KB
1 KB 48ms
47ms Image
image/svg+xml 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pff.com/images/webui/pff_plus_logo.svg
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f21cb9f7c848a8d3f72f12080c9b29d980ab1236693ebbfe34485950bca95e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 4832
etag: W/"2009C05"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 884e2bfdb81b5c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 17 May 2024 00:38:31 GMT

GET
H3 200 default-article-spinner.svg
www.pff.com/images/webui/ 619 B
530 B 47ms
46ms Image
image/svg+xml 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pff.com/images/webui/default-article-spinner.svg
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11e6ddef739772e110d5c1ac4a4635291c7d39f73bc5cdae08a70a3062240208

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 981
etag: W/"175D78C"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 884e2bfdb81f5c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 17 May 2024 00:38:31 GMT

GET
H2 200 heap-2100373990.js Show response
cdn.heapanalytics.com/js/ 121 KB
39 KB 236ms
133ms Script
application/javascript 13.32.27.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2100373990.js

Requested by

Host: www.pff.com
URL: https://www.pff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-116.fra56.r.cloudfront.net

Software

nginx / Express

Resource Hash

bc335a6a779f40f3c69cd77917470781292743980d4ad65d111ace20143c2f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:23 GMT
content-encoding: br
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA56-C2
age: 8
x-powered-by: Express
etag: W/"1e5f4-iV0jP9NVTbDTsRXCzxRGcSkQFck"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fhQAkHg59UuPnf-WkdQCi7Zo1zPBPq_q_p0iDuYsQRNn8oWDr-yE_g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 259 KB
92 KB 115ms
55ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MWLLR6

Requested by

Host: www.pff.com
URL: https://www.pff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90485ed87ae7d5f8e9ba73324c407ad0de5e6056afdf4ccea25dcc35d6ae4cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93434
x-xss-protection: 0
last-modified: Thu, 16 May 2024 19:02:19 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 May 2024 20:38:31 GMT

GET
H3 200 icon-symbols.svg
www.pff.com/images/ 48 KB
16 KB 52ms
52ms Other
image/svg+xml 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pff.com/images/icon-symbols.svg
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c62c7eaecb3981cb2104e56b6d67602e213eb6b32c1a897a860bd76ad836e450

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1571
etag: W/"76C0ECA"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 884e2bfdf8615c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 17 May 2024 00:38:31 GMT

GET
H3 200 newsletter_signup Show response
dashboard.pff.com/ Frame BE10 1 KB
1 KB 502ms
490ms Document
text/html 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.pff.com/newsletter_signup

Requested by

Host: www.pff.com
URL: https://www.pff.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5776d7a82ca2793712a4cf85c9e2062e894d058b7b5e46e61bdbada7fe67b3d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.pff.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.pff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 884e2bfe08755c85-FRA
content-encoding: br
content-security-policy: frame-ancestors *.pff.com
content-type: text/html; charset=utf-8
cross-origin-window-policy: deny
date: Thu, 16 May 2024 20:38:31 GMT
server: cloudflare
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: F9ASmkJP_fhiHx8AAN4S
x-xss-protection: 1; mode=block

GET
H3 200 nfl-symbols.svg
www.pff.com/images/ 337 KB
132 KB 62ms
61ms Other
image/svg+xml 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pff.com/images/nfl-symbols.svg
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08ba26cbe60547c30dba3d1d5f9134476924e8265e0dfe58e27c36c326a9b911

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 981
etag: W/"4384425"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 884e2bfdf8645c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 17 May 2024 00:38:31 GMT

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 21 KB
21 KB 133ms
67ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i,900|Barlow+Condensed:500,500i,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.pff.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:24:33 GMT
x-content-type-options: nosniff
age: 216838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21352
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:30:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:24:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 97ms
31ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i,900|Barlow+Condensed:500,500i,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.pff.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:57:28 GMT
x-content-type-options: nosniff
age: 196863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 13:57:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 114ms
48ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i,900|Barlow+Condensed:500,500i,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.pff.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:40:21 GMT
x-content-type-options: nosniff
age: 194290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:40:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 90ms
24ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i,900|Barlow+Condensed:500,500i,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.pff.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:07:33 GMT
x-content-type-options: nosniff
age: 196258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:07:33 GMT

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 21 KB
21 KB 140ms
74ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i,900|Barlow+Condensed:500,500i,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8320299532b4b81498d5b3714d49c9d5938883b55f4c2a1efe6f105bf4a942bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.pff.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:09 GMT
x-content-type-options: nosniff
age: 217222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21440
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:46:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:18:09 GMT

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 20 KB
20 KB 124ms
58ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i,900|Barlow+Condensed:500,500i,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.pff.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:24:26 GMT
x-content-type-options: nosniff
age: 216845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20432
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:38:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:24:26 GMT

GET
H2 200 sportsdataio_light_100.png
sportsdata.io/assets/images/badges/ 3 KB
4 KB 398ms
130ms Image
image/png 146.20.124.69
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sportsdata.io/assets/images/badges/sportsdataio_light_100.png?v=1
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.20.124.69 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1e6fff676a89c000ac8e093dd59cbd56b1c37f74c18f0db1049968230446e420

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:30 GMT
last-modified: Fri, 24 Feb 2023 17:03:21 GMT
server: Microsoft-IIS/10.0
cross-origin-opener-policy: same-origin
etag: "c5161be67148d91:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 3433

GET
H3 200 pff-logo.svg
www.pff.com/images/ 707 B
608 B 47ms
47ms Image
image/svg+xml 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pff.com/images/pff-logo.svg
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30e51870459f798872b9023e291a2e55ebe5afca500ac1f3de6775d6e2339c4a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1571
etag: W/"56F830D"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 884e2bfe78be5c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 17 May 2024 00:38:31 GMT

GET
H3 200 shared_nav-f55e14dfbabf513cc2a9dfd387384169.js Show response
www.pff.com/js/ 1 MB
345 KB 67ms
66ms Script
text/javascript 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pff.com/js/shared_nav-f55e14dfbabf513cc2a9dfd387384169.js?vsn=d
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8724212cc5c02f2d7e99234c07fd8545a43eeac6085403bb37230c672c28baa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 May 2024 16:19:52 GMT
server: cloudflare
age: 706719
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 884e2bfe78c15c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 16 May 2025 20:38:31 GMT

GET
H3 200 default_entry-591ece332f70c749a0cc72fd13c533d3.js Show response
www.pff.com/js/ 28 KB
7 KB 47ms
47ms Script
text/javascript 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pff.com/js/default_entry-591ece332f70c749a0cc72fd13c533d3.js?vsn=d
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9636611da15a2b2a920634b063d40124c680016f6e255eeb81f4c35cae4783f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 May 2024 16:20:31 GMT
server: cloudflare
age: 706680
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 884e2bfe78c35c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 16 May 2025 20:38:31 GMT

GET
H2 200 9orj5itjcu Show response
www.clarity.ms/tag/ 637 B
1000 B 250ms
149ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/9orj5itjcu?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MWLLR6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 31c2d32c24dda35346bb9a8976a7a6a5a6430bc36517fbb84d3a94c80e515498

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Thu, 16 May 2024 20:38:31 GMT
x-azure-ref: 20240516T203831Z-1675f555588xbskxy6dt2m0ft800000002f0000000010yph
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 637
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 86ms
25ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.pff.com
URL: https://www.pff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 May 2024 20:38:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=12, mss=1326, tbw=2787, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: d+whcvgjGJD7Q2JC61LTNwC135/oM9mSe0ah9xjW5LPqv9c+KYiXMSjF7Ml5SbhIsaX+dPRBfkY1ewS6Im7mTg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 shim.js Show response
cdn.sprig.com/ 142 KB
47 KB 124ms
39ms Script
application/javascript 13.32.27.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sprig.com/shim.js?id=mYc_Pf83Fcbi
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d6dc10ad4eead16e76f7a16ec265a53e51845cb3abfb505f28ee005908ff803

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 16:37:47 GMT
x-amz-version-id: VUB1_464W_mhfpVZikjkYuG6JsuxjqZb
content-encoding: br
last-modified: Fri, 10 May 2024 18:57:38 GMT
server: AmazonS3
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"8427562f259e613ca070b820189e48bc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 14445
cross-origin-resource-policy: cross-origin
x-amz-cf-id: dy14OVnmBqTLugADf0C32tZ1C41rPYuP5tiwS3t1BXgBmFOsHzGkbQ==

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 31 KB
7 KB 115ms
45ms Script
application/javascript 2606:4700::6812:80d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: www.pff.com
URL: https://www.pff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: gzip
via: 1.1 6a5eda21ba47fc7b4d3ca7ac7a9ac958.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P10
age: 196
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
server: cloudflare
etag: W/"613257bb316d347d9417023321c6d62f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 884e2bffff4292c6-FRA
x-amz-cf-id: paTN7byaYU5yStFQSofQiKU6S2w3BbROvO_h9TWbm4GO40ti7S-C_A==

POST
H2 200 / Show response
sentry.io/api/182360/envelope/ 2 B
324 B 232ms
151ms Fetch
application/json 35.186.247.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/182360/envelope/?sentry_key=9b0db267e05448858cf52311bc061539&sentry_version=7

Requested by

Host: www.pff.com
URL: https://www.pff.com/js/shared_nav-f55e14dfbabf513cc2a9dfd387384169.js?vsn=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

156.247.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 200 app-63ea60d30e4ef4a84b7cc33c84dad975.css
dashboard.pff.com/css/ Frame BE10 263 KB
41 KB 61ms
60ms Stylesheet
text/css 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.pff.com/css/app-63ea60d30e4ef4a84b7cc33c84dad975.css?vsn=d
Requested by: Host: dashboard.pff.com
URL: https://dashboard.pff.com/newsletter_signup
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47f39fa4cbb0bbd49dc3ba4552bbb27ab03f1653db2c3ea81e809ec332a8e695

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.pff.com/newsletter_signup
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2024 18:41:09 GMT
server: cloudflare
age: 4499842
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 884e2c017bcb5c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 16 May 2025 20:38:31 GMT

GET
H3 200 icon-symbols-a49e197519c370dba91a4c25296beab6.svg
www.pff.com/images/ 48 KB
16 KB 57ms
56ms Other
image/svg+xml 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pff.com/images/icon-symbols-a49e197519c370dba91a4c25296beab6.svg?vsn=d
Requested by: Host: www.pff.com
URL: https://www.pff.com/js/shared_nav-f55e14dfbabf513cc2a9dfd387384169.js?vsn=d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c62c7eaecb3981cb2104e56b6d67602e213eb6b32c1a897a860bd76ad836e450

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Apr 2024 20:06:56 GMT
server: cloudflare
age: 2075495
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 884e2c018bd95c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 16 May 2025 20:38:31 GMT

GET
H3 200 nfl-symbols-1f83e01fe54ad629abb4bc9871698688.svg
www.pff.com/images/ 337 KB
132 KB 70ms
69ms Other
image/svg+xml 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pff.com/images/nfl-symbols-1f83e01fe54ad629abb4bc9871698688.svg?vsn=d
Requested by: Host: www.pff.com
URL: https://www.pff.com/js/shared_nav-f55e14dfbabf513cc2a9dfd387384169.js?vsn=d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08ba26cbe60547c30dba3d1d5f9134476924e8265e0dfe58e27c36c326a9b911

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2024 19:59:27 GMT
server: cloudflare
age: 4495144
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 884e2c018bdd5c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 16 May 2025 20:38:31 GMT

GET
H3 200 pff-logo.svg
www.pff.com/images/ 707 B
0 0ms
0ms Image
image/svg+xml 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pff.com/images/pff-logo.svg
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30e51870459f798872b9023e291a2e55ebe5afca500ac1f3de6775d6e2339c4a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1571
etag: W/"56F830D"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 884e2bfe78be5c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 17 May 2024 00:38:31 GMT

GET
H3 200 new-label.svg
www.pff.com/images/webui/ 794 B
616 B 53ms
52ms Image
image/svg+xml 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pff.com/images/webui/new-label.svg
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d03a7b813ae25a9c8c44d9b7512180f7ff4ee22bc207b8533c84141893d7097

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1571
etag: W/"252375A"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 884e2c019be85c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 17 May 2024 00:38:31 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 9 KB
4 KB 135ms
54ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=d8671e796471ba795

Requested by

Host: www.pff.com
URL: https://www.pff.com/js/shared_nav-f55e14dfbabf513cc2a9dfd387384169.js?vsn=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

8a1995e04e5cfed46ed99fb84bf6eab6610d27ccd587b108850df67e92078f79

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-fdE-mW8hAh8oKXoyNPquWg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-fdE-mW8hAh8oKXoyNPquWg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Thu, 16 May 2024 20:38:32 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
permissions-policy: unload=()
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3046
x-xss-protection: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.34/ 61 KB
26 KB 54ms
54ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9orj5itjcu?ref=gtm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
content-encoding: br
last-modified: Wed, 15 May 2024 11:08:13 GMT
etag: W/"0x8DC74CF502F224C"
vary: Accept-Encoding
x-azure-ref: 20240516T203831Z-1675f555588xbskxy6dt2m0ft800000002f0000000010ypt
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 246d95d6-101e-0065-3af2-a6809f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H3 200 Eagles_FrontOffice-Alamy-scaled.jpg
media.pff.com/2024/05/ 33 KB
33 KB 65ms
51ms Image
image/jpeg 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.pff.com/2024/05/Eagles_FrontOffice-Alamy-scaled.jpg?w=632&h=309
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.13
Resource Hash: 92e9a1662e1f9dcd2f1af94dd7e9d068eee80f6e443a97bd5081116a6970d783

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Wed, 15 May 2024 13:43:09 GMT
server: cloudflare
age: 111322
x-powered-by: PHP/8.1.13
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 884e2c01cc1e5c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 15 May 2025 13:43:09 GMT

GET
H3 200 2X3G0WM-scaled.jpg
media.pff.com/2024/05/ 50 KB
50 KB 63ms
50ms Image
image/jpeg 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.pff.com/2024/05/2X3G0WM-scaled.jpg?w=632&h=309
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.13
Resource Hash: 0c2523284bbf2b9bf5e94b226a58eb99d6fae6a3180c75acedc16aad968b9013

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 13 May 2024 13:01:03 GMT
server: cloudflare
age: 286648
x-powered-by: PHP/8.1.13
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 884e2c01cc1c5c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 May 2025 13:01:03 GMT

GET
H3 200 Adebo-Paulson-Alamy-scaled.jpg
media.pff.com/2024/05/ 58 KB
58 KB 65ms
52ms Image
image/jpeg 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.pff.com/2024/05/Adebo-Paulson-Alamy-scaled.jpg?w=632&h=309
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.13
Resource Hash: 8cbc9cd59740cb72f1b05881a0ab2c83028d808b39cf2456a4dd1870bc281c9e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:31 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 13 May 2024 13:01:03 GMT
server: cloudflare
age: 286648
x-powered-by: PHP/8.1.13
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 884e2c01cc1a5c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 May 2025 13:01:03 GMT

GET
H2 200 add_user_properties_v3
heapanalytics.com/api/ 37 B
260 B 409ms
137ms Image
image/gif 50.17.204.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/add_user_properties_v3?a=2100373990&u=1058984429968054&v=2382234188223216&s=1309309009384124&b=web&tv=4.0&_is_internal=No&st=1715891911950

Requested by

Host: www.pff.com
URL: https://www.pff.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.17.204.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-17-204-237.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 20:38:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 209574097186985 Show response
connect.facebook.net/signals/config/ 67 KB
15 KB 159ms
159ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/209574097186985?v=2.9.156&r=stable&domain=www.pff.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c3cc7b25bb7574a6d4dfa983af760ed06d74f034f2a8e962c420514f41c9db8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 May 2024 20:38:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=63, mss=1326, tbw=63388, tp=-1, tpl=-1, uplat=131, ullat=0
pragma: public
x-fb-debug: PAuZ7SOP+ikswVc07loUxYID3JXDg60J3dNtFoXFrqcNARdPu4BVvlEvER9eCFaKE6xPRb2WbVgMv60O1raccQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 364ms
133ms Image
image/gif 50.17.204.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2100373990&u=1058984429968054&v=2382234188223216&s=1309309009384124&b=web&tv=4.0&z=0&h=%2F&d=www.pff.com&t=NFL%2C%20Fantasy%20Football%2C%20and%20NFL%20Draft%20%7C%20PFF&k=Premium%20Article%20Flag&k=false&k=Logged%20In%20Status&k=false&k=Internal%20Traffic%20Flag&k=false&k=Site%20Category&k=Homepage&k=Content%20Type&k=Page&k=Page%20Type&k=Homepage&k=Site%20Section&k=homepage&ts=1715891911949&ubv=125.0.6422.60&upv=10.0.0&st=1715891911991

Requested by

Host: www.pff.com
URL: https://www.pff.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.17.204.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-17-204-237.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 20:38:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 / Show response
prism.app-us1.com/ 248 B
497 B 275ms
199ms Script
application/javascript 2606:4700::6812:80d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=651055355&u=https%3A%2F%2Fwww.pff.com%2F

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.27

Resource Hash

fdadba69f16dde0054b3ed06fbaf252f080a70837a9c5339b9dcbd22b99921f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.27
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 66
cf-ray: 884e2c0279819016-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame BE10 24 KB
1 KB 44ms
37ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i,900|Barlow+Condensed:500,500i,600,600i,700,700i

Requested by

Host: dashboard.pff.com
URL: https://dashboard.pff.com/css/app-63ea60d30e4ef4a84b7cc33c84dad975.css?vsn=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

064644f31e514418b37f8f10783d608aca318f0ffbcb1d6afbe0b22ec5c80bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 May 2024 20:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 May 2024 20:38:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 May 2024 20:38:32 GMT

GET
H3 200 triangle-cluster-blue-darker-b9d3e24dc1775bc0fb4b59b1c1d2c5c9.svg
dashboard.pff.com/images/ Frame BE10 3 KB
1 KB 57ms
57ms Image
image/svg+xml 2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dashboard.pff.com/images/triangle-cluster-blue-darker-b9d3e24dc1775bc0fb4b59b1c1d2c5c9.svg?vsn=d
Requested by: Host: dashboard.pff.com
URL: https://dashboard.pff.com/css/app-63ea60d30e4ef4a84b7cc33c84dad975.css?vsn=d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fe74acee95eb1781508df2376f409c1e32fdb0bf147cd6f7e04189e0a94e938

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.pff.com/css/app-63ea60d30e4ef4a84b7cc33c84dad975.css?vsn=d
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2024 18:41:10 GMT
server: cloudflare
age: 4499842
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 884e2c028ced5c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 16 May 2025 20:38:32 GMT

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ Frame BE10 21 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i,900|Barlow+Condensed:500,500i,600,600i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8320299532b4b81498d5b3714d49c9d5938883b55f4c2a1efe6f105bf4a942bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://dashboard.pff.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:09 GMT
x-content-type-options: nosniff
age: 217222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21440
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:46:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:18:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BE10 15 KB
0 1ms
1ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i,900|Barlow+Condensed:500,500i,600,600i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://dashboard.pff.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:07:33 GMT
x-content-type-options: nosniff
age: 196258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:07:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BE10 15 KB
0 1ms
1ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,700,700i,900|Barlow+Condensed:500,500i,600,600i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://dashboard.pff.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:57:28 GMT
x-content-type-options: nosniff
age: 196863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 13:57:28 GMT

GET
H3 200 cse_element__en.js Show response
www.google.com/cse/static/element/8435450f13508ca1/ 318 KB
106 KB 117ms
46ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=d8671e796471ba795

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c8cc3cef0d65c2d9912b24f27bd2f42a79d10be8e00439562a3984f90f05bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108214
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 16 May 2024 20:38:32 GMT

GET
H3 200 default+en.css
www.google.com/cse/static/element/8435450f13508ca1/ 41 KB
9 KB 111ms
40ms Stylesheet
text/css 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8435450f13508ca1/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=d8671e796471ba795

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9068
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 16 May 2024 20:38:32 GMT

GET
H3 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 102ms
31ms Stylesheet
text/css 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=d8671e796471ba795

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 16 May 2024 21:18:34 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
291 B 405ms
132ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.pff.com
URL: https://www.pff.com/js/shared_nav-f55e14dfbabf513cc2a9dfd387384169.js?vsn=d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.pff.com
Date: Thu, 16 May 2024 20:38:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 89ms
29ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=209574097186985&ev=PageView&dl=https%3A%2F%2Fwww.pff.com%2F&rl=&if=false&ts=1715891912171&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1715891912167.2004001007&cs_est=true&ler=empty&cdl=API_unavailable&it=1715891911984&coo=false&rqm=GET

Requested by

Host: www.pff.com
URL: https://www.pff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=10, mss=1326, tbw=2794, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 16 May 2024 20:38:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 198ms
138ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=209574097186985&ev=PageView&dl=https%3A%2F%2Fwww.pff.com%2F&rl=&if=false&ts=1715891912171&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1715891912167.2004001007&cs_est=true&ler=empty&cdl=API_unavailable&it=1715891911984&coo=false&rqm=FGET

Requested by

Host: www.pff.com
URL: https://www.pff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xdf35c2c35611d096","source_keys":["1","2"]},{"key_piece":"0xaf5122e378a43264","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 16 May 2024 20:38:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1326, tbw=3112, tp=-1, tpl=-1, uplat=108, ullat=1
pragma: no-cache
x-fb-debug: F0SUjWXdOM3ahwGzouSzdKafFzJxpfhZB81cIFm2rWLltvGc4hgtliRj2xv0PNZYpCHqgKdYgnShcHKpKpmYuA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
291 B 647ms
392ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.pff.com
URL: https://www.pff.com/js/shared_nav-f55e14dfbabf513cc2a9dfd387384169.js?vsn=d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.pff.com
Date: Thu, 16 May 2024 20:38:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 182 KB
72 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17306d464a1dd38a746e13e3d1cd430127897877e2af255150b7fc38300efaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "15220420107392618189"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Thu, 16 May 2024 20:38:32 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 28ms
27ms Image
image/png 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/8435450f13508ca1/default+en.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.google.com/cse/static/element/8435450f13508ca1/default+en.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 07:44:52 GMT
x-content-type-options: nosniff
age: 219220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 14 May 2025 07:44:52 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 127ms
24ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.pff.com
URL: https://www.pff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
315 B 243ms
148ms Script
text/javascript 2606:4700:4400::6812:22d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=651055355&prismid=5965c776-b91b-4d7d-b324-24a532a4165f&url=https%3A%2F%2Fwww.pff.com%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.28
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.28
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 14
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 884e2c049a5337d8-FRA
content-length: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6DCA1B2E61234092A52EE1BA92394501&RedC=c.clarity.ms&MXFR=04361C0B8E2A615D0329088A8A2A6FF9
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6DCA1B2E61234092A52EE1BA92394501&MUID=2FD3557BC98B6C2E31D441FAC8596D60

42 B
442 B

65ms
65ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6DCA1B2E61234092A52EE1BA92394501&MUID=2FD3557BC98B6C2E31D441FAC8596D60
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.pff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 May 2024 20:38:32 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 16 May 2024 20:38:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 76DB4A66E74848C0B2D658944569A358 Ref B: FRAEDGE2010 Ref C: 2024-05-16T20:38:32Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6DCA1B2E61234092A52EE1BA92394501&MUID=2FD3557BC98B6C2E31D441FAC8596D60
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK config Show response
api.sprig.com/sdk/1/environments/mYc_Pf83Fcbi/ 3 KB
1 KB 312ms
312ms Fetch
application/json 50.19.89.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/mYc_Pf83Fcbi/config
Requested by: Host: www.pff.com
URL: https://www.pff.com/js/shared_nav-f55e14dfbabf513cc2a9dfd387384169.js?vsn=d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.89.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-89-137.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 6524612dea0026cb545ac5fbe37df8efebe649963d7e9feec75745fa1cc68160

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-ul-visitor-id: 0d715b0e-1f6d-4c29-924d-e8f0a0979cf8
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://www.pff.com/
x-ul-sdk-version: 2.29.0
x-ul-environment-id: mYc_Pf83Fcbi
userleap-platform: web
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:33 GMT
content-encoding: gzip
server: istio-envoy
etag: W/"c89-ooXqIot+CSyos24whFPQ9jQZFG0"
vary: Accept-Encoding
transfer-encoding: chunked
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 144
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

OPTIONS
H/1.1 204
No Content config
api.sprig.com/sdk/1/environments/mYc_Pf83Fcbi/ Frame 0
0 521ms
245ms Preflight 50.19.89.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/mYc_Pf83Fcbi/config
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.89.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-89-137.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: GET
Origin: https://www.pff.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Thu, 16 May 2024 20:38:32 GMT
server: istio-envoy
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 15

GET
H3

200

favicon.ico
www.pff.com/
Redirect Chain

https://www.pff.com/favicon-8a6b12a2a44222760573c46e139b5596.ico?vsn=d
https://www.pff.com/favicon.ico

15 KB
1 KB

605ms
604ms

Other
image/vnd.microsoft.icon

2606:4700:10::6816:ec4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pff.com/favicon.ico
Protocol: H3
Server: 2606:4700:10::6816:ec4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 458d31dbab86e6fb18a669dd8b4ec546ccf5defd67e850045169bc9842ee0738

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.pff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Thu, 16 May 2024 20:38:33 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"75C8BDD"
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 884e2c090b3f5c85-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 17 May 2024 00:38:33 GMT

Redirect headers

date: Thu, 16 May 2024 20:38:33 GMT
cf-cache-status: MISS
server: cloudflare
x-amzn-trace-id: Root=1-66466ec9-57dce157242383081eb6e611
vary: Accept-Encoding
location: /favicon.ico
cache-control: public, max-age=14400
cf-ray: 884e2c059fc45c85-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Fri, 17 May 2024 00:38:33 GMT

PUT
H/1.1 204
No Content 0d715b0e-1f6d-4c29-924d-e8f0a0979cf8 Show response
api.sprig.com/sdk/1/environments/mYc_Pf83Fcbi/visitors/ 0
701 B 363ms
261ms Fetch 50.19.89.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/mYc_Pf83Fcbi/visitors/0d715b0e-1f6d-4c29-924d-e8f0a0979cf8
Requested by: Host: www.pff.com
URL: https://www.pff.com/js/shared_nav-f55e14dfbabf513cc2a9dfd387384169.js?vsn=d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.89.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-89-137.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-ul-visitor-id: 0d715b0e-1f6d-4c29-924d-e8f0a0979cf8
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://www.pff.com/
x-ul-sdk-version: 2.29.0
x-ul-environment-id: mYc_Pf83Fcbi
userleap-platform: web
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:33 GMT
server: istio-envoy
x-ul-visitor-id: 0d715b0e-1f6d-4c29-924d-e8f0a0979cf8
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJndCI6InZpc2l0b3IiLCJpZCI6Im1ZY19QZjgzRmNiaSIsInZpZCI6IjBkNzE1YjBlLTFmNmQtNGMyOS05MjRkLWU4ZjBhMDk3OWNmOCIsImlhdCI6MTcxNTg5MTkxMywiZXhwIjoxNzE2MDY0NzEzfQ.zp00sPWr8pFIzBWqBu8OCJ22O3YJtRVMOu_8pUwDH8ENzmjvW7wHSxAQg5RgmYVZeyLAEHiI31zAUAQaaMO6VQ
access-control-allow-origin: *
access-control-expose-headers: Authorization,x-ul-visitor-id
x-envoy-upstream-service-time: 44
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

PUT
H/1.1 204
No Content attributes Show response
api.sprig.com/sdk/1/environments/mYc_Pf83Fcbi/visitors/0d715b0e-1f6d-4c29-924d-e8f0a0979cf8/ 0
701 B 215ms
214ms Fetch 50.19.89.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/mYc_Pf83Fcbi/visitors/0d715b0e-1f6d-4c29-924d-e8f0a0979cf8/attributes
Requested by: Host: www.pff.com
URL: https://www.pff.com/js/shared_nav-f55e14dfbabf513cc2a9dfd387384169.js?vsn=d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.89.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-89-137.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-ul-visitor-id: 0d715b0e-1f6d-4c29-924d-e8f0a0979cf8
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://www.pff.com/
x-ul-sdk-version: 2.29.0
x-ul-environment-id: mYc_Pf83Fcbi
userleap-platform: web
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:33 GMT
server: istio-envoy
x-ul-visitor-id: 0d715b0e-1f6d-4c29-924d-e8f0a0979cf8
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJndCI6InZpc2l0b3IiLCJpZCI6Im1ZY19QZjgzRmNiaSIsInZpZCI6IjBkNzE1YjBlLTFmNmQtNGMyOS05MjRkLWU4ZjBhMDk3OWNmOCIsImlhdCI6MTcxNTg5MTkxMywiZXhwIjoxNzE2MDY0NzEzfQ.zp00sPWr8pFIzBWqBu8OCJ22O3YJtRVMOu_8pUwDH8ENzmjvW7wHSxAQg5RgmYVZeyLAEHiI31zAUAQaaMO6VQ
access-control-allow-origin: *
access-control-expose-headers: Authorization,x-ul-visitor-id
x-envoy-upstream-service-time: 25
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

POST
H/1.1 200
OK events Show response
api.sprig.com/sdk/1/visitors/0d715b0e-1f6d-4c29-924d-e8f0a0979cf8/ 206 B
991 B 265ms
265ms Fetch
application/json 50.19.89.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/visitors/0d715b0e-1f6d-4c29-924d-e8f0a0979cf8/events
Requested by: Host: www.pff.com
URL: https://www.pff.com/js/shared_nav-f55e14dfbabf513cc2a9dfd387384169.js?vsn=d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.89.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-89-137.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 8ee08c2baa20dc6dcf24832b3a29c267cb591529d6d10f0736e081af7da0dafb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-ul-visitor-id: 0d715b0e-1f6d-4c29-924d-e8f0a0979cf8
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://www.pff.com/
x-ul-sdk-version: 2.29.0
x-ul-environment-id: mYc_Pf83Fcbi
userleap-platform: web
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 20:38:34 GMT
server: istio-envoy
x-ul-visitor-id: 0d715b0e-1f6d-4c29-924d-e8f0a0979cf8
etag: W/"ce-XOHvWwcSIj5QeWJVELBkOMck/8E"
authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJndCI6InZpc2l0b3IiLCJpZCI6Im1ZY19QZjgzRmNiaSIsInZpZCI6IjBkNzE1YjBlLTFmNmQtNGMyOS05MjRkLWU4ZjBhMDk3OWNmOCIsImlhdCI6MTcxNTg5MTkxMywiZXhwIjoxNzE2MDY0NzEzfQ.zp00sPWr8pFIzBWqBu8OCJ22O3YJtRVMOu_8pUwDH8ENzmjvW7wHSxAQg5RgmYVZeyLAEHiI31zAUAQaaMO6VQ
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Authorization,x-ul-visitor-id
x-envoy-upstream-service-time: 86
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
content-length: 206

OPTIONS
H/1.1 204
No Content 0d715b0e-1f6d-4c29-924d-e8f0a0979cf8
api.sprig.com/sdk/1/environments/mYc_Pf83Fcbi/visitors/ Frame 0
0 150ms
150ms Preflight 50.19.89.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/mYc_Pf83Fcbi/visitors/0d715b0e-1f6d-4c29-924d-e8f0a0979cf8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.89.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-89-137.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: PUT
Origin: https://www.pff.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Thu, 16 May 2024 20:38:33 GMT
server: istio-envoy
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 6

OPTIONS
H/1.1 204
No Content attributes
api.sprig.com/sdk/1/environments/mYc_Pf83Fcbi/visitors/0d715b0e-1f6d-4c29-924d-e8f0a0979cf8/ Frame 0
0 302ms
152ms Preflight 50.19.89.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/mYc_Pf83Fcbi/visitors/0d715b0e-1f6d-4c29-924d-e8f0a0979cf8/attributes
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.89.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-89-137.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: PUT
Origin: https://www.pff.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Thu, 16 May 2024 20:38:33 GMT
server: istio-envoy
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 9

OPTIONS
H/1.1 204
No Content events
api.sprig.com/sdk/1/visitors/0d715b0e-1f6d-4c29-924d-e8f0a0979cf8/ Frame 0
0 472ms
223ms Preflight 50.19.89.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/visitors/0d715b0e-1f6d-4c29-924d-e8f0a0979cf8/events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.19.89.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-89-137.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: POST
Origin: https://www.pff.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Thu, 16 May 2024 20:38:33 GMT
server: istio-envoy
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 4

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
291 B 136ms
135ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.pff.com
URL: https://www.pff.com/js/shared_nav-f55e14dfbabf513cc2a9dfd387384169.js?vsn=d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://www.pff.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.pff.com
Date: Thu, 16 May 2024 20:38:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.pff.com/	1970-01-20 20:48:16	Name: AWSALB Value: zUqWrbV9pNoPQuxwXXHTCZdVjrz+6ItiavI2PurqJWa1hgxB771QWsR38VagCIEU2JPTwIHeFVxhHPZ9h8nRpk9FNHjjD8ltrMxya7S20rwW+Sp99HMUbrP1aTcI
www.pff.com/	1970-01-20 20:48:16	Name: AWSALBCORS Value: zUqWrbV9pNoPQuxwXXHTCZdVjrz+6ItiavI2PurqJWa1hgxB771QWsR38VagCIEU2JPTwIHeFVxhHPZ9h8nRpk9FNHjjD8ltrMxya7S20rwW+Sp99HMUbrP1aTcI
www.pff.com/	1969-12-31 23:59:59	Name: _merlin_key Value: SFMyNTY.g3QAAAAEbQAAAAtfY3NyZl90b2tlbm0AAAAYaEJRaFhTaDg1UjJMbnJzYnVuQ2EwcWlTbQAAABhsYXVuY2hfZGFya2x5X3Nlc3Npb25faWRtAAAAJGZlYmZkMTQzLTFlYzYtNDMyMC04N2Q0LWJlZmJmMjIxM2NlZG0AAAAabGF1bmNoX2RhcmtseV91c2VyX2NvbnRleHR0AAAAA2QACmF0dHJpYnV0ZXN0AAAAB2QAAmlwbQAAACQyMDAxOjFiNjA6MTAxMDozOjEwMTE6ZTNiNTozZGFmOjZmZjhtAAAACWFub255bW91c2QABHRydWVtAAAAC3BmZkludGVybmFsZAAFZmFsc2VtAAAACXBmZlVzZXJJZGQAA25pbG0AAAAHcHJlbWl1bWQABWZhbHNlbQAAAAlzZXNzaW9uSWRtAAAAJGZlYmZkMTQzLTFlYzYtNDMyMC04N2Q0LWJlZmJmMjIxM2NlZG0AAAAIc2lnbmVkSW5kAAVmYWxzZWQAA2tleW0AAAAkZmViZmQxNDMtMWVjNi00MzIwLTg3ZDQtYmVmYmYyMjEzY2VkZAAEa2luZG0AAAAEdXNlcm0AAAAJcmV0dXJuX3RvbQAAAAEv.P9oV2CwGP2yHkLAMSurcX6t9Qh6ulpAKzrPSWq3Tiks
.pff.com/	1970-01-20 22:47:47	Name: _gcl_au Value: 1.1.613324079.1715891912
www.clarity.ms/	1970-01-21 05:23:47	Name: CLID Value: 091a7ab29c454e11a6c998c48ddca9c2.20240516.20250516
dashboard.pff.com/	1970-01-20 21:21:23	Name: _cosmos_web_key Value: SFMyNTY.g3QAAAADbQAAAAtfY3NyZl90b2tlbm0AAAAYdmpSTFR0VlJ3WERGd1ZRQlpSTHdKMThQbQAAABhsYXVuY2hfZGFya2x5X3Nlc3Npb25faWRtAAAAJDY2OGEyMGExLTNhOTAtNGE1MC1hYmQzLTMzODkyYjZjMjFjZm0AAAAJcmVtb3RlX2lwbQAAACQyMDAxOjFiNjA6MTAxMDozOjEwMTE6ZTNiNTozZGFmOjZmZjg.GcO0hoGHPGrVFzzrZDUwRwxuNWnsb2eB4jNRtZsQEGE
.pff.com/	1970-01-21 06:06:09	Name: _hp2_id.2100373990 Value: %7B%22userId%22%3A%221058984429968054%22%2C%22pageviewId%22%3A%222382234188223216%22%2C%22sessionId%22%3A%221309309009384124%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.pff.com/	1970-01-21 05:23:47	Name: _clck Value: 10c5s8o%7C2%7Cflt%7C0%7C1597
.pff.com/	1970-01-20 22:47:47	Name: _fbp Value: fb.1.1715891912167.2004001007
prism.app-us1.com/	1970-01-20 21:21:23	Name: prism_651055355 Value: 5965c776-b91b-4d7d-b324-24a532a4165f
.pff.com/	1970-01-20 21:21:23	Name: prism_651055355 Value: 5965c776-b91b-4d7d-b324-24a532a4165f
.pff.com/	1970-01-20 20:38:13	Name: _hp2_ses_props.2100373990 Value: %7B%22ts%22%3A1715891911949%2C%22d%22%3A%22www.pff.com%22%2C%22h%22%3A%22%2F%22%7D
.pff.com/	1970-01-20 20:39:38	Name: _clsk Value: ks9pvu%7C1715891912542%7C1%7C1%7Ct.clarity.ms%2Fcollect
.bing.com/	1970-01-21 05:59:47	Name: MUID Value: 2FD3557BC98B6C2E31D441FAC8596D60
.c.bing.com/	1970-01-20 20:48:16	Name: MR Value: 0
.c.bing.com/	1970-01-21 05:59:47	Name: SRM_B Value: 2FD3557BC98B6C2E31D441FAC8596D60
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 05:59:47	Name: MUID Value: 2FD3557BC98B6C2E31D441FAC8596D60
.c.clarity.ms/	1970-01-20 20:48:16	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 20:38:12	Name: ANONCHK Value: 0

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.pff.com/(Line 2719) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.pff.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.pff.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.pff.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.pff.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.pff.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.pff.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.pff.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.pff.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.pff.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.pff.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.pff.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.pff.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.pff.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.pff.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src *.pff.com www.facebook.com www.youtube.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.sprig.com
c.bing.com
c.clarity.ms
cdn.heapanalytics.com
cdn.sprig.com
clients1.google.com
connect.facebook.net
cse.google.com
dashboard.pff.com
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
media.pff.com
prism.app-us1.com
sentry.io
sportsdata.io
t.clarity.ms
trackcmp.net
www.clarity.ms
www.facebook.com
www.google.com
www.googletagmanager.com
www.pff.com
13.32.27.116
13.32.27.12
146.20.124.69
20.114.189.70
2606:4700:10::6816:ec4
2606:4700:4400::6812:22d6
2606:4700::6812:80d8
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:80b::200a
2a00:1450:4001:812::200e
2a00:1450:4001:828::200e
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
35.186.247.156
50.17.204.237
50.19.89.137
68.219.88.97
01c2406a1df95943cf478b15fbe3d30cfd4692fe0357e1d42ad7c58375f6eec6
064644f31e514418b37f8f10783d608aca318f0ffbcb1d6afbe0b22ec5c80bf8
08ba26cbe60547c30dba3d1d5f9134476924e8265e0dfe58e27c36c326a9b911
0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb
0c2523284bbf2b9bf5e94b226a58eb99d6fae6a3180c75acedc16aad968b9013
11e6ddef739772e110d5c1ac4a4635291c7d39f73bc5cdae08a70a3062240208
1c8cc3cef0d65c2d9912b24f27bd2f42a79d10be8e00439562a3984f90f05bdd
1e6fff676a89c000ac8e093dd59cbd56b1c37f74c18f0db1049968230446e420
1fe74acee95eb1781508df2376f409c1e32fdb0bf147cd6f7e04189e0a94e938
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
30e51870459f798872b9023e291a2e55ebe5afca500ac1f3de6775d6e2339c4a
31c2d32c24dda35346bb9a8976a7a6a5a6430bc36517fbb84d3a94c80e515498
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
3d03a7b813ae25a9c8c44d9b7512180f7ff4ee22bc207b8533c84141893d7097
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
458d31dbab86e6fb18a669dd8b4ec546ccf5defd67e850045169bc9842ee0738
47f39fa4cbb0bbd49dc3ba4552bbb27ab03f1653db2c3ea81e809ec332a8e695
5166f63d1b82bc575d19d1763eb79e9e53430786224b55a9ef04f99ce6a5cf1c
5776d7a82ca2793712a4cf85c9e2062e894d058b7b5e46e61bdbada7fe67b3d9
5d6dc10ad4eead16e76f7a16ec265a53e51845cb3abfb505f28ee005908ff803
6524612dea0026cb545ac5fbe37df8efebe649963d7e9feec75745fa1cc68160
75f21cb9f7c848a8d3f72f12080c9b29d980ab1236693ebbfe34485950bca95e
8320299532b4b81498d5b3714d49c9d5938883b55f4c2a1efe6f105bf4a942bd
8a1995e04e5cfed46ed99fb84bf6eab6610d27ccd587b108850df67e92078f79
8cbc9cd59740cb72f1b05881a0ab2c83028d808b39cf2456a4dd1870bc281c9e
8ee08c2baa20dc6dcf24832b3a29c267cb591529d6d10f0736e081af7da0dafb
90485ed87ae7d5f8e9ba73324c407ad0de5e6056afdf4ccea25dcc35d6ae4cc1
92e9a1662e1f9dcd2f1af94dd7e9d068eee80f6e443a97bd5081116a6970d783
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
a8724212cc5c02f2d7e99234c07fd8545a43eeac6085403bb37230c672c28baa
a9636611da15a2b2a920634b063d40124c680016f6e255eeb81f4c35cae4783f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc335a6a779f40f3c69cd77917470781292743980d4ad65d111ace20143c2f01
c3cc7b25bb7574a6d4dfa983af760ed06d74f034f2a8e962c420514f41c9db8b
c62c7eaecb3981cb2104e56b6d67602e213eb6b32c1a897a860bd76ad836e450
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
ca823261d1b41c57b3365c7238e8b93fb41dd2725b8be36c0899ca20e6aa9be4
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e17306d464a1dd38a746e13e3d1cd430127897877e2af255150b7fc38300efaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fdadba69f16dde0054b3ed06fbaf252f080a70837a9c5339b9dcbd22b99921f4
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

www.pff.com Open in urlscan Pro 2606:4700:10::6816:ec4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

97 %HTTPS

62 %IPv6

15 Domains

24 Subdomains

20 IPs

3 Countries

1538 kBTransfer

4847 kBSize

20 Cookies

21 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.pff.com Open in urlscan Pro
2606:4700:10::6816:ec4 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

97 %
HTTPS

62 %
IPv6

15
Domains

24
Subdomains

20
IPs

3
Countries

1538 kB
Transfer

4847 kB
Size

20
Cookies

66 HTTP transactions
0 data transactions