urlscan.io logo urlscan.io
SecurityTrails logo

www.helpwelp.com Open in urlscan Pro
2606:4700::6811:57cc  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevan...
Submission: On November 29 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 7 countries across 28 domains to perform 132 HTTP transactions. The main IP is 2606:4700::6811:57cc, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.helpwelp.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 10th 2022. Valid for: a year.
This is the only time www.helpwelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 104.16.42.9 13335 (CLOUDFLAR...)
1 34.248.6.121 16509 (AMAZON-02)
2 52.217.81.252 16509 (AMAZON-02)
1 1 89.207.16.75 41041 (VCLK-EU-SE)
1 23.205.245.232 16625 (AKAMAI-AS)
1 52.222.232.69 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2606:2800:234... 15133 (EDGECAST)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 104.244.42.72 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:134... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 37 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 35.227.252.103 15169 (GOOGLE)
2 2 198.47.127.19 3257 (GTT-BACKB...)
4 172.217.16.130 15169 (GOOGLE)
1 1 69.173.144.139 26667 (RUBICONPR...)
2 2 172.64.154.237 13335 (CLOUDFLAR...)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
132 32
10    2606:4700::6811:57cc (United States)

ASN13335 (CLOUDFLARENET, US)
www.helpwelp.com
1    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
13    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    104.16.42.9 (None, )

ASN13335 (CLOUDFLARENET, US)
components.justanswer.com
1    34.248.6.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-6-121.eu-west-1.compute.amazonaws.com
trk.justanswer.com
2    52.217.81.252 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
jobboardio.s3.amazonaws.com
1    89.207.16.75 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
www.lduhtrp.net
1    23.205.245.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-245-232.deploy.static.akamaitechnologies.com
www.yceml.net
1    52.222.232.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-69.fra56.r.cloudfront.net
d6dyoorq84mou.cloudfront.net
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
14    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
37    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
7    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
4    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
1    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
50 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 182
2 MB
18 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 142
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
152 KB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
172 KB
10 helpwelp.com
www.helpwelp.com
330 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 121
www.google.com — Cisco Umbrella Rank: 16
53 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 946
syndication.twitter.com — Cisco Umbrella Rank: 1158
152 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
4 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
189 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 84
20 KB
3 justanswer.com
components.justanswer.com — Cisco Umbrella Rank: 105454
trk.justanswer.com — Cisco Umbrella Rank: 701561
121 B
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 562
2 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 871
1 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 5200
914 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 961
901 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
89 KB
2 amazonaws.com
jobboardio.s3.amazonaws.com — Cisco Umbrella Rank: 368312
96 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
3 KB
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 2331
297 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 411
459 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1980
351 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 787
98 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 956
463 B
1 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 2679
750 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 106
37 KB
1 cloudfront.net
d6dyoorq84mou.cloudfront.net
55 KB
1 yceml.net
www.yceml.net — Cisco Umbrella Rank: 37521
10 KB
1 lduhtrp.net
www.lduhtrp.net — Cisco Umbrella Rank: 84597
440 B
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 370
9 KB
132 28
Domain Requested by
37 tpc.googlesyndication.com 2 redirects googleads.g.doubleclick.net
www.helpwelp.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.helpwelp.com
13 pagead2.googlesyndication.com www.helpwelp.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
10 www.helpwelp.com www.helpwelp.com
7 fonts.gstatic.com fonts.googleapis.com
5 www.google.com 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
5 www.gstatic.com googleads.g.doubleclick.net
5 fonts.googleapis.com googleads.g.doubleclick.net
tpc.googlesyndication.com
4 cm.g.doubleclick.net googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
4 platform.twitter.com www.helpwelp.com
platform.twitter.com
3 www.google-analytics.com www.helpwelp.com
www.google-analytics.com
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
www.google.com
2 syndication.twitter.com platform.twitter.com
www.helpwelp.com
2 connect.facebook.net www.helpwelp.com
connect.facebook.net
2 jobboardio.s3.amazonaws.com www.helpwelp.com
2 components.justanswer.com www.helpwelp.com
1 www.facebook.com connect.facebook.net
1 ag.innovid.com googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 id.rlcdn.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 cdn.syndication.twimg.com platform.twitter.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com www.helpwelp.com
1 d6dyoorq84mou.cloudfront.net www.helpwelp.com
1 www.yceml.net www.helpwelp.com
1 www.lduhtrp.net 1 redirects
1 trk.justanswer.com www.helpwelp.com
1 cdn.ampproject.org www.helpwelp.com
132 35
Subject Issuer Validity Valid
www.helpwelp.com
Cloudflare Inc ECC CA-3		 2022-04-10 -
2023-04-10		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.justanswer.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-08 -
2023-02-08		 a year crt.sh
trk.justanswer.com
Amazon		 2022-09-26 -
2023-10-24		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-08 -
2022-12-07		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh

This page contains 19 frames:

Primary Page: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Frame ID: E46F7EA86926EF1CAF27BD94034DD77C
Requests: 41 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.helpwelp.com
Frame ID: E600141FD51D5B4826F07C4C009773DD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 5547AF8A0A232266E607780960EAAD04
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.en.html
Frame ID: 429AA3F0127A96D5FA45246906A5E58A
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&adk=1812271804&adf=3025194257&lmt=1669742855&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855361&bpp=5&bdt=258&idt=216&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1562776931008&frm=20&pv=2&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=230
Frame ID: 2118F23CEBA96744FF07FA0F764758AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Frame ID: CAFDD8A8471B0CE3E3AB33C03360675E
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Frame ID: D9AFCB28EE4004A8B8736FF1F50F79AE
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 1706476412C908AB154C10552B2EBBE0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: AD184CCD297421B1268E89458C9F0F12
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: D4B50510C6A550BA535C40FCC7D2ECD1
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: C1785E7BFBBA48A6FAB6DA28C76E8144
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E00076881311B28B6DFB38265B39FE6E
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 877FEFCFFEC84B3138C4FA8D2A7C8EE0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DCE80512F18C0A8D62E3B746EF7DD8C9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B5AF7582D2CACEC34DD9FA809932340E
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28bf02ab62b404%26domain%3Dwww.helpwelp.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.helpwelp.com%252Ff84875c7616b14%26relation%3Dparent.parent&container_width=500&href=https%3A%2F%2Fwww.facebook.com%2Fflexindian%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=false&size=small
Frame ID: 960BDD638FB4D976F357E7932CBE0EDD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 98693C3AF2D8313AC69E38845B6813A7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F05A6985627E066C63DA4AC3B495EF4F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 95B4363E9E7FBD213A055512039C5EBB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Data Entry Operator I (Contract) - Work from Home/ Remote Anywhere in the US. Job at Elevance Health | Mom Job Central

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

132
Requests

95 %
HTTPS

63 %
IPv6

28
Domains

35
Subdomains

32
IPs

7
Countries

3090 kB
Transfer

6077 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.lduhtrp.net/image-7198639-15245724 HTTP 302
  • https://www.yceml.net/0412/15245724-1653063759454
Request Chain 52
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXm47xPBD1Axj0AzIIccjc9IUixoY HTTP 301
  • https://tpc.googlesyndication.com/simgad/16037908009176458854
Request Chain 88
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 93
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 111
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXm47xPBD1Axj0AzIIccjc9IUixoY HTTP 301
  • https://tpc.googlesyndication.com/simgad/16037908009176458854
Request Chain 117
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJeETQ1_hWdWZ43wq-2CWs8&google_cver=1&google_push=ASkJ3FaWegDVxGEY2UrhK1zzOcBXMZ1BKE9CyH21_3w6rpl1vc-TQOWQ8erPSVPvwEcrPekVWm98CEq879C_owkiWPgeYpH244E HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJeETQ1_hWdWZ43wq-2CWs8&google_cver=1&google_push=ASkJ3FaWegDVxGEY2UrhK1zzOcBXMZ1BKE9CyH21_3w6rpl1vc-TQOWQ8erPSVPvwEcrPekVWm98CEq879C_owkiWPgeYpH244E&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eq-nzW2VSBO9AXvClUwAaw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaWegDVxGEY2UrhK1zzOcBXMZ1BKE9CyH21_3w6rpl1vc-TQOWQ8erPSVPvwEcrPekVWm98CEq879C_owkiWPgeYpH244E
Request Chain 118
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFIyblK3KQn3t-Y9A2ejlOU&google_cver=1&google_push=ASkJ3FYIGXjF-uEsSfP15ABVIBAuMi0PmPzKQq62XmiGgl7d8UGskYKjIn3eptjcAi66jNHgTkK0qnYcZPYFS6cN_C4ZVQwFsA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIySFNBV0UtMVItOTk4MA==&google_push=ASkJ3FYIGXjF-uEsSfP15ABVIBAuMi0PmPzKQq62XmiGgl7d8UGskYKjIn3eptjcAi66jNHgTkK0qnYcZPYFS6cN_C4ZVQwFsA
Request Chain 119
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL2OjCPWps0UEpiGcjZOlT8&google_cver=1&google_push=ASkJ3FbGnzg_CfYyBHfbmTnhuQhx3Xgcx5u8CLHmEBdbimtOZNga8Pbxw_5GNpP94A82heLmGMeefXJmNi2GPg3hEW-OH8mKLQ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL2OjCPWps0UEpiGcjZOlT8&google_push=ASkJ3FbGnzg_CfYyBHfbmTnhuQhx3Xgcx5u8CLHmEBdbimtOZNga8Pbxw_5GNpP94A82heLmGMeefXJmNi2GPg3hEW-OH8mKLQ&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL2OjCPWps0UEpiGcjZOlT8&google_hm=Y4ZBClOcMd1abktvUedCqwAABI4AAAIB&google_nid=index&google_push=ASkJ3FbGnzg_CfYyBHfbmTnhuQhx3Xgcx5u8CLHmEBdbimtOZNga8Pbxw_5GNpP94A82heLmGMeefXJmNi2GPg3hEW-OH8mKLQ

132 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
www.helpwelp.com/jobs/ 		45 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:57cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aca874fb300c10b55a3d43e4cc65d3d4716addaa9c22a69ee06cf6a93c22706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
771d0e0abe7d9001-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 29 Nov 2022 17:27:35 GMT
referrer-policy
origin, origin-when-cross-origin, strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-request-id
90087c96-c31d-4f5c-9222-17eaf880c3c0
x-runtime
0.114119
application-783d8dbf082be181fc7639c3a200832be68433effeb947bf1811457b94c5bf7d.css
www.helpwelp.com/assets/ 		102 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.helpwelp.com/assets/application-783d8dbf082be181fc7639c3a200832be68433effeb947bf1811457b94c5bf7d.css
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:57cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afae570e96953be8e6bd43a0cb393092498f5a6e9fc629f58cd1a1eee08eec10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
origin, origin-when-cross-origin, strict-origin-when-cross-origin
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 18:43:25 GMT
server
cloudflare
age
20024
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
content-encoding
br
cache-control
public, max-age=15552000
cf-ray
771d0e0c79f79001-FRA
expires
Sun, 28 May 2023 17:27:35 GMT
default-theme-2f6bbb0ed9688b9b0789953b9858c97b97900f96be84712edc04e358e2383f52.css
www.helpwelp.com/assets/boards/ 		229 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.helpwelp.com/assets/boards/default-theme-2f6bbb0ed9688b9b0789953b9858c97b97900f96be84712edc04e358e2383f52.css
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:57cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50fb33bfc02373d85bbefeb1701eb512b83818bbec45760207b595a13d469aa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
origin, origin-when-cross-origin, strict-origin-when-cross-origin
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 18:43:25 GMT
server
cloudflare
age
20024
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
content-encoding
br
cache-control
public, max-age=15552000
cf-ray
771d0e0c79fa9001-FRA
expires
Sun, 28 May 2023 17:27:35 GMT
application-aae6dc14a68cd9ee39bdd3d26fe364992911623a34c2ff0b8a6390880de94b07.js
www.helpwelp.com/assets/ 		317 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.helpwelp.com/assets/application-aae6dc14a68cd9ee39bdd3d26fe364992911623a34c2ff0b8a6390880de94b07.js
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:57cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af465ff34b5e2a08777524acb7b35a528818e8195bbc8dbf88bc8b26ce2edd5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
origin, origin-when-cross-origin, strict-origin-when-cross-origin
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 18:43:25 GMT
server
cloudflare
age
20024
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=15552000
cf-ray
771d0e0c79fd9001-FRA
expires
Sun, 28 May 2023 17:27:35 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c71445ec9538a4d031b32ba0f044ae793aac625896846f838f9c8abace99c08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 29 Nov 2022 17:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7578
x-xss-protection
0
server
sffe
etag
"1ef491f2ce412f6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Nov 2022 17:27:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96b0ca402905d12da7e5e09505a74b937e1d52797f02ae74e2c9e54fb41c6444
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49223
x-xss-protection
0
server
cafe
etag
4577433441383185953
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 17:27:35 GMT
ja-gadget-virtual-assistant-subtle
components.justanswer.com/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://components.justanswer.com/css/ja-gadget-virtual-assistant-subtle
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
ja-gadget-virtual-assistant-config,ja-gadget-virtual-assistant-subtle
components.justanswer.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://components.justanswer.com/js/ja-gadget-virtual-assistant-config,ja-gadget-virtual-assistant-subtle
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.42.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
aff_i
trk.justanswer.com/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.justanswer.com/aff_i?offer_id=2&aff_id=10447&file_id=2468
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.6.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-6-121.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:27:35 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
helpwelp_app.png
jobboardio.s3.amazonaws.com/uploads/tenant/logo/1345/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jobboardio.s3.amazonaws.com/uploads/tenant/logo/1345/helpwelp_app.png
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.81.252 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9718b697bab3b7d113197d1b1acbb3bf53d1659f185533b286b12d308c245d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:27:36 GMT
x-amz-version-id
qR7QccCa8GOlFqDrjiMlp2jq28p1QSPb
Last-Modified
Thu, 20 Feb 2020 06:47:57 GMT
Server
AmazonS3
x-amz-request-id
RS62CEWQRRYBZPH2
ETag
"fe1e2fd2a65dd64ebd969e093b5131de"
Content-Type
image/png
Cache-Control
max-age=315576000
Accept-Ranges
bytes
Content-Length
55508
x-amz-id-2
PyzdHln/+q3PcmGE7SyYikLKRrIdLnQscBvIUa1KiRRutLp7j2PHBPTOjd9rsbEObihcpbcKqus=
location_autocomplete-f4b8a7d4ce1297b9b908e6deed4f4f41e70375c00578a59cbffda3653b439a93.js
www.helpwelp.com/assets/ 		2 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.helpwelp.com/assets/location_autocomplete-f4b8a7d4ce1297b9b908e6deed4f4f41e70375c00578a59cbffda3653b439a93.js
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:57cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d179272a3476557110e052a8a9723c73472e6791e23150c347295207296834b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
origin, origin-when-cross-origin, strict-origin-when-cross-origin
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 18:43:25 GMT
server
cloudflare
age
20023
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=15552000
cf-ray
771d0e0cfad99001-FRA
expires
Sun, 28 May 2023 17:27:35 GMT
Elevance_Health.png
jobboardio.s3.amazonaws.com/uploads/job/logo/171731898/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jobboardio.s3.amazonaws.com/uploads/job/logo/171731898/Elevance_Health.png
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.81.252 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8f3b76164c64eda1fadbb43b84cfa3a0cb7cac93b1b5c3817adad8f6cb83cee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:27:36 GMT
x-amz-version-id
ivsZP61xGLPGc6l3YPgMrPDcTG75BODd
Last-Modified
Tue, 29 Nov 2022 11:41:21 GMT
Server
AmazonS3
x-amz-request-id
RS6E42JPFYC3Y9QV
ETag
"1000f3a1aa5c51e0490d1ae812fe8c60"
Content-Type
image/png
Cache-Control
max-age=315576000
Accept-Ranges
bytes
Content-Length
41897
x-amz-id-2
eJ4fGGFfvWu3beVn8jH2wg4bN7Jeyv+YMHoHR6YnK+T8nW3riC/q3eFEmz2lh3/xpNfC/EHHXhU=
15245724-1653063759454
www.yceml.net/0412/
Redirect Chain
  • https://www.lduhtrp.net/image-7198639-15245724
  • https://www.yceml.net/0412/15245724-1653063759454
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yceml.net/0412/15245724-1653063759454
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
HTTP/1.1
Server
23.205.245.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-245-232.deploy.static.akamaitechnologies.com
Software
Resin/4.0.66 /
Resource Hash
b947ce8452262df7f82a00adb1ea2369cd3c9a9b98f5f7d8c087b1bd3c03cd70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:27:35 GMT
X-VC-HTTPS
On
Cache-Control
max-age=475673
Server
Resin/4.0.66
Connection
keep-alive
Content-Length
10075
Expires
Mon, 05 Dec 2022 05:35:28 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Nov 2022 17:27:35 GMT
Server
Resin/4.0.66
Content-Type
text/html; charset=utf-8
Location
https://www.yceml.net/0412/15245724-1653063759454
P3P
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-VC-HTTPS
On
Content-Length
87
Expires
Tue, 29 Nov 2022 17:27:35 GMT
73a49a4a-73ec-47e2-81d0-4a3ae647238b_helpwelp_app.png
d6dyoorq84mou.cloudfront.net/uploads/wysiwyg/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d6dyoorq84mou.cloudfront.net/uploads/wysiwyg/73a49a4a-73ec-47e2-81d0-4a3ae647238b_helpwelp_app.png
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-69.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9718b697bab3b7d113197d1b1acbb3bf53d1659f185533b286b12d308c245d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:58:56 GMT
x-amz-version-id
null
via
1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
last-modified
Sun, 01 Oct 2017 10:26:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
1654120
etag
"fe1e2fd2a65dd64ebd969e093b5131de"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315576000
accept-ranges
bytes
content-length
55508
x-amz-cf-id
eCdoF0UagmETAFW1VQ6WpvLTJbXOHhhUgMnkV7ByP-ngCPKuBQfZKA==
suggested_jobs-8d641bff6fa4c7291a2d234171652e2aecab54fced7f92e3a4b45a03b7512bed.js
www.helpwelp.com/assets/ 		649 B
388 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.helpwelp.com/assets/suggested_jobs-8d641bff6fa4c7291a2d234171652e2aecab54fced7f92e3a4b45a03b7512bed.js
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:57cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
495b2300f6a345668d6ccbb88e98fcf85848097c037d0c58cc99eee897e6cd51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
origin, origin-when-cross-origin, strict-origin-when-cross-origin
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 18:43:25 GMT
server
cloudflare
age
20023
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=15552000
cf-ray
771d0e0cfae49001-FRA
expires
Sun, 28 May 2023 17:27:35 GMT
gtm.js
www.googletagmanager.com/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5BDNG52
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
febf5222344514f9b701c21c65640d1e79153ae7db31d3d69362f753d9b7ea83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37769
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Nov 2022 17:27:35 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 29 Nov 2022 17:24:43 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
172
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 29 Nov 2022 19:24:43 GMT
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6793) /
Resource Hash
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:27:35 GMT
Content-Encoding
gzip
Age
1395
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
29221
x-amzn-internal-status
304
Last-Modified
Wed, 02 Nov 2022 19:43:37 GMT
Server
ECS (frb/6793)
Etag
"6633f9603c759c40d9b200995454f17c+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
sdk.js
connect.facebook.net/en_GB/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0baafeead4481071ad4ac8e7b389eb4f42d43d2ff9c9ca40ee0367b075879acb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
X86dEACTUP5fVAreR3tj1g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
frnyFEqlaKBZXLQJtbEKV8YJpWzby9IJoE9XTSOfXVeE2vakZOBU1Epj4+G9rFul/s+Jiosqs5SHzRHplsg6cw==
x-fb-trip-id
2050670934
x-fb-content-md5
5647e0997e967ef91f5ae43b129dce46
etag
"0262150ca282f5e6500aee10f5c2c3fa"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Tue, 29 Nov 2022 17:30:57 GMT
other_jobs.js
www.helpwelp.com/jobs/171731898/ 		10 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.helpwelp.com/jobs/171731898/other_jobs.js
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/assets/application-aae6dc14a68cd9ee39bdd3d26fe364992911623a34c2ff0b8a6390880de94b07.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:57cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3c8663a8ebd51ba31c0eb5ee4351be7da1e0712bf2e6affddab7231b29b944a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
X-CSRF-Token
IEescJO7pvO+mMRGAT43ePcFLKQTL4PQskoAlFl3bpjgIVCC1HFKJlPl2hmqPRAlCKTjlzDo3JSoT3QmJUShVA==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-runtime
0.624319
date
Tue, 29 Nov 2022 17:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
origin, origin-when-cross-origin, strict-origin-when-cross-origin
cf-cache-status
MISS
content-encoding
br
server
cloudflare
etag
W/"c3c8663a8ebd51ba31c0eb5ee4351be7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
771d0e0d3b459001-FRA
x-request-id
36f086b9-82d1-47be-a724-7c4e4483f061
expires
Tue, 29 Nov 2022 21:27:35 GMT
fa-solid-900-185ac797afe59ceaa2177e186fb88afbcda0e1be70817bbca62c230930e3a8e1.woff2
www.helpwelp.com/assets/font-awesome-5.13.0/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.helpwelp.com/assets/font-awesome-5.13.0/fa-solid-900-185ac797afe59ceaa2177e186fb88afbcda0e1be70817bbca62c230930e3a8e1.woff2
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/assets/application-783d8dbf082be181fc7639c3a200832be68433effeb947bf1811457b94c5bf7d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:57cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.helpwelp.com/assets/application-783d8dbf082be181fc7639c3a200832be68433effeb947bf1811457b94c5bf7d.css
Origin
https://www.helpwelp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
20023
content-length
79444
referrer-policy
origin, origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Mon, 28 Nov 2022 18:43:25 GMT
server
cloudflare
access-control-max-age
3628800
vary
Origin, Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=15552000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
771d0e0d3b529001-FRA
access-control-allow-headers
X-Requested-With
expires
Sun, 28 May 2023 17:27:35 GMT
fa-brands-400-3556b2492903c9797f23c540b710b5fddf1bf611c2da039395d467c62f566a41.woff2
www.helpwelp.com/assets/font-awesome-5.13.0/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.helpwelp.com/assets/font-awesome-5.13.0/fa-brands-400-3556b2492903c9797f23c540b710b5fddf1bf611c2da039395d467c62f566a41.woff2
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/assets/application-783d8dbf082be181fc7639c3a200832be68433effeb947bf1811457b94c5bf7d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:57cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.helpwelp.com/assets/application-783d8dbf082be181fc7639c3a200832be68433effeb947bf1811457b94c5bf7d.css
Origin
https://www.helpwelp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
20023
content-length
76612
referrer-policy
origin, origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Mon, 28 Nov 2022 18:43:25 GMT
server
cloudflare
access-control-max-age
3628800
vary
Origin, Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=15552000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
771d0e0d3b579001-FRA
access-control-allow-headers
X-Requested-With
expires
Sun, 28 May 2023 17:27:35 GMT
site_notifications
www.helpwelp.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.helpwelp.com/site_notifications
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/assets/application-aae6dc14a68cd9ee39bdd3d26fe364992911623a34c2ff0b8a6390880de94b07.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:57cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
X-CSRF-Token
IEescJO7pvO+mMRGAT43ePcFLKQTL4PQskoAlFl3bpjgIVCC1HFKJlPl2hmqPRAlCKTjlzDo3JSoT3QmJUShVA==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-runtime
0.081893
date
Tue, 29 Nov 2022 17:27:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
origin, origin-when-cross-origin, strict-origin-when-cross-origin
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
no-cache
cf-ray
771d0e0d4b769001-FRA
x-request-id
3cd6aa16-39f4-49fa-8a06-29fb0b2a1df1
widget_iframe.644279d1635fd969e87af94a98bd232b.html
platform.twitter.com/widgets/ Frame E600 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.helpwelp.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://www.helpwelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2315206
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Tue, 29 Nov 2022 17:27:35 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 02 Nov 2022 19:36:59 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668B)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=456187929&t=pageview&_s=1&dl=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&ul=en-us&de=UTF-8&dt=Data%20Entry%20Operator%20I%20(Contract)%20-%20Work%20from%20Home%2F%20Remote%20Anywhere%20in%20the%20US.%20Job%20at%20Elevance%20Health%20%7C%20Mom%20Job%20Central&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1292092161&gjid=129022115&cid=1078853344.1669742855&tid=UA-45627438-1&_gid=1474388837.1669742855&_r=1&_slc=1&z=684106442
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.helpwelp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:27:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.helpwelp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=456187929&t=pageview&_s=1&dl=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&ul=en-us&de=UTF-8&dt=Data%20Entry%20Operator%20I%20(Contract)%20-%20Work%20from%20Home%2F%20Remote%20Anywhere%20in%20the%20US.%20Job%20at%20Elevance%20Health%20%7C%20Mom%20Job%20Central&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAACAAI~&jid=1006048592&gjid=2086664897&cid=1078853344.1669742855&tid=UA-83736-23&_gid=1474388837.1669742855&_r=1&_slc=1&z=187762092
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.helpwelp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:27:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.helpwelp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame E600 		913 B
696 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=49266d959912536255f58c6813fc32fa41c4ae5b
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.helpwelp.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
54ff9917daf6f89618357ef569223a5bd81eb9ef0255509aa77167cd9ee9e458
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-response-time
109
date
Tue, 29 Nov 2022 17:27:34 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Tue, 29 Nov 2022 17:27:35 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
11095e10dc356b6d
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
b051c003876f5ddd96d6dd87fe596209b23ae18ffe155854ffa778da3a56d1ee
content-length
374
collect
stats.g.doubleclick.net/j/ 		1 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45627438-1&cid=1078853344.1669742855&jid=1292092161&gjid=129022115&_gid=1474388837.1669742855&_u=IEBAAEAAAAAAACAAI~&z=882081276
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.helpwelp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 29 Nov 2022 17:27:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.helpwelp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_GB/ 		306 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js?hash=0c45227a3f10be9e07cef3dd58f39dfd
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c29aebc6ee24dd2a667624715b17de2ed2b5a89c12c046241b3502c4f94bd832
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.helpwelp.com/
Origin
https://www.helpwelp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 29 Nov 2022 17:27:35 GMT
content-md5
syh/WCIeQ9MYaxXNew0JgQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88367
x-fb-rlafr
0
x-fb-debug
FlUtDKytYiuIzE9+PdOAuCxnYptrpSfmGgkU09tbR218ZrCOdhAvnhwBUWKAicat1QkeDXZKD+4zdow0cz9Ujg==
x-fb-content-md5
528dc3ed43df77151b7550082a6101b4
cross-origin-opener-policy
same-origin-allow-popups
etag
"55d2f657b49cdbede301453584bc2ab7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 29 Nov 2023 15:39:44 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6309423508203138&plah=www.helpwelp.com&bust=31070924
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ae53b07981fd201eb507bed7d8eb2aff2a8d489763ea4b4ff615ab9df9c98c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119226
x-xss-protection
0
server
cafe
etag
6715972425412564201
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 17:27:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 5547 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.helpwelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17226
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 12:40:29 GMT
etag
10353107486223812946
expires
Tue, 13 Dec 2022 12:40:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
button.d2f864f87f544dc0c11d7d712a191c1f.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6793) /
Resource Hash
236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:27:35 GMT
Content-Encoding
gzip
Age
2315205
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
2362
Last-Modified
Wed, 02 Nov 2022 19:36:52 GMT
Server
ECS (frb/6793)
Etag
"7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
follow_button.644279d1635fd969e87af94a98bd232b.en.html
platform.twitter.com/widgets/ Frame 429A 		41 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6793) /
Resource Hash
3c75e52a2ca2ffcc05363d11854f68977f2d376c15d231b396816e90bde25ad9

Request headers

Referer
https://www.helpwelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2315201
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
15129
Content-Type
text/html; charset=utf-8
Date
Tue, 29 Nov 2022 17:27:35 GMT
Etag
"acebd71e9c8affdc2fcc7f35e773093d+gzip"
Last-Modified
Wed, 02 Nov 2022 19:36:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6793)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22Mom%20Job%20Central%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669742855509%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=49266d959912536255f58c6813fc32fa41c4ae5b
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-response-time
109
date
Tue, 29 Nov 2022 17:27:35 GMT
strict-transport-security
max-age=631138519
last-modified
Tue, 29 Nov 2022 17:27:35 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
583ed6cedf643767
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
b051c003876f5ddd96d6dd87fe596209b23ae18ffe155854ffa778da3a56d1ee
content-length
43
truncated
/ Frame 429A 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
info.json
cdn.syndication.twimg.com/widgets/followbutton/ Frame 429A 		269 B
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/widgets/followbutton/info.json?callback=__twttr.setFollowersCountAndFollowing&lang=en&screen_names=JobFromHomeGuid
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.en.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f /
Resource Hash
3881a65b6b4d80444394a8625197ae97f33de520bbd66527e0c28888bb387e5e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-contol-allow-origin
platform.twitter.com
date
Tue, 29 Nov 2022 17:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=631138519
content-disposition
attachment; filename=jsonp.jsonp
server-timing
x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=107
content-length
209
x-xss-protection
0
x-response-time
92
last-modified
Tue, 29 Nov 2022 17:27:35 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript;charset=utf-8
x-transaction-id
0ed4a42fb7db7f3d
cache-control
must-revalidate, max-age=600
x-tw-cdn
VZ, VZ
perf
7626143928
x-connection-hash
ec064ab3548c58bb4b26308cd26668db936fe3d2628962e3a8ca77d33d844422
timing-allow-origin
*
x-transaction
0ed4a42fb7db7f3d
expires
Tue, 29 Nov 2022 17:37:35 GMT
cookie.js
partner.googleadservices.com/gampad/ 		391 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.helpwelp.com&callback=_gfp_s_&client=ca-pub-6309423508203138&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6309423508203138&plah=www.helpwelp.com&bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c0a2f361a3da33b830111d33cd83e68f6ea98c1ff7a86fa4bb200a78880921e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.helpwelp.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6309423508203138&plah=www.helpwelp.com&bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.helpwelp.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6309423508203138&plah=www.helpwelp.com&bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2118 		283 KB
70 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&adk=1812271804&adf=3025194257&lmt=1669742855&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855361&bpp=5&bdt=258&idt=216&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1562776931008&frm=20&pv=2&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=230
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6309423508203138&plah=www.helpwelp.com&bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b522b8255b11912d278a6800c1225ae97a119821b14fbd502d60feb46eceb0b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.helpwelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
72005
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:27:36 GMT
expires
Tue, 29 Nov 2022 17:27:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CAFD 		104 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6309423508203138&plah=www.helpwelp.com&bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3919ee5458f2919080c7491af18fe4d33d9775d16b03191733f8cc9870f85340
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.helpwelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
33098
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:27:36 GMT
expires
Tue, 29 Nov 2022 17:27:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame CAFD 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Nov 2022 17:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 16:28:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Nov 2022 17:27:36 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame CAFD 		2 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 10:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
24370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 10:41:26 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame CAFD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4mtPB0GGY5-iLcXUhAb9-b7wBI7O8L1tht2l6bcQiPvzjYcMEAEg8YHPIWCVgp-CsAegAf7WxdYDyAEJqQI2xCqwW2SxPqgDAcgDywSqBKUCT9Ap3_pXSIiEZwUCeom6nLkoGcmOceGw24jgqahmDxfUOMU5JH0leKm7YDQzO-W7dgDsedDwegh8xLHtwIo73kELvBsL_DGnHzaDAMDfOX551OsX4oRg_E9o_f1ebcoanNgMv12b68k5qvVy4acsk-Xvzmiln-o0vXIvawrwwa6dxUXKQKBfvPfe_evtl7MaJLNxfVgWukgFdyM6Eppicw03N3yLq_xRxEy4P4Jaf9NhqgB1YKDdntKI4zgxL_9jjyNhu528SAA60Jv-vfvcI2DHvWd0bRezj_NZ2zcxIiBq82yZd9Ohp9zZ3xrrBA8P00sLXMIr6RYOp7X4ZEzawn7sa9YassV0BBlWom_ejlewc1oi2VGbDXJQNCTvaTMC-0U33TTABJ38rpCOBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfJ09YdqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEInENtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMLiBQB0BUBgBcBshccChoIABIUcHViLTYzMDk0MjM1MDgyMDMxMzgYAA&sigh=78hgmEIhljs&uach_m=[UACH]&cid=CAQSGwDq26N9EHTqLLaIpvPXU_s6P8UnmG0gYvmKzRgBIBM&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 29 Nov 2022 17:27:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 29 Nov 2022 17:27:36 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame CAFD 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
14540
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 13:25:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame CAFD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 16:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
2567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 16:44:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame CAFD 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 10:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
26207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 10:10:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CAFD 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 17:27:36 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame CAFD 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 15:56:11 GMT
5776365662567657094
tpc.googlesyndication.com/gpa_images/simgad/ Frame CAFD 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/5776365662567657094
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6491fc04dada4db3ece72c27c9a9e734d5e76c7896040abb433a491f269ae97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 09:40:09 GMT
x-content-type-options
nosniff
age
287247
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114159
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:32:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 26 Nov 2023 09:40:09 GMT
14831501328155147756
tpc.googlesyndication.com/gpa_images/simgad/ Frame CAFD 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/14831501328155147756
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccb2124b5036ca7381e0539827143897fe2f197fd16cedbc33e7cf2f400393f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 00:49:54 GMT
x-content-type-options
nosniff
age
59862
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90291
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:47:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 29 Nov 2023 00:49:54 GMT
4593688661529639532
tpc.googlesyndication.com/gpa_images/simgad/ Frame CAFD 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/4593688661529639532
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3ed9117c2675af0bb1776483c735371ea5c9defea473085fb52489b9d13bbcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 02:07:10 GMT
x-content-type-options
nosniff
age
400826
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132299
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:32:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 25 Nov 2023 02:07:10 GMT
16211125361289500568
tpc.googlesyndication.com/gpa_images/simgad/ Frame CAFD 		134 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/16211125361289500568
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
028558d7df6f9debf5df6d8a776d0e225e0082f2c455d1a840452e0f3b1cb4dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 01:35:55 GMT
x-content-type-options
nosniff
age
229901
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137680
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:33:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 27 Nov 2023 01:35:55 GMT
16037908009176458854
tpc.googlesyndication.com/simgad/ Frame CAFD
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXm47xPBD1Axj0AzIIccjc9IUixoY
  • https://tpc.googlesyndication.com/simgad/16037908009176458854
88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16037908009176458854
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Protocol
H3
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a07bdf966e62dfadecb403a3eabc81af7ce9f01c8420fa47e3968eedd77a6e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 09:26:20 GMT
x-content-type-options
nosniff
age
547276
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90145
x-xss-protection
0
last-modified
Tue, 28 Jul 2020 07:00:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 23 Nov 2023 09:26:20 GMT

Redirect headers

date
Tue, 29 Nov 2022 10:00:42 GMT
x-content-type-options
nosniff
server
cafe
age
26814
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/16037908009176458854
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 29 Dec 2022 10:00:42 GMT
truncated
/ Frame CAFD 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f397d2c3d5a26597348a32c781dff7eb382580a1496de27a418b587501dcdaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame CAFD 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:44:30 GMT
x-content-type-options
nosniff
age
585786
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 22:44:30 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame CAFD 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 21:33:43 GMT
x-content-type-options
nosniff
age
330833
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 21:33:43 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/reactive_library_fy2021.js?bust=31070924
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6309423508203138&plah=www.helpwelp.com&bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d3d347d1f287357f3a7a22ee99ca3e70d25f0310d8173acd4e07c95bdc15f24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52281
x-xss-protection
0
server
cafe
etag
9580050816700618818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Nov 2022 17:27:36 GMT
async-ads.js
www.google.com/adsense/search/ 		141 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/async-ads.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6309423508203138&plah=www.helpwelp.com&bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
665aace6596b2ed84478f6af01ff78364a5f2edcc4a7809ed6b0eedbb1756e41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"2443432015000657492"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Tue, 29 Nov 2022 17:27:36 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.helpwelp.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6309423508203138&plah=www.helpwelp.com&bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.helpwelp.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6309423508203138&plah=www.helpwelp.com&bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D9AF 		109 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6309423508203138&plah=www.helpwelp.com&bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23e0fe6c73e85db1e24bf07d26751d9137e4f544c3ea19cb0776a5033f57f5a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.helpwelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
35295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:27:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 1706 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=3088186576&adf=2900977362&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1669742855&rafmt=1&to=qs&pwprc=5984660677&format=1200x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742855366&bpp=2&bdt=262&idt=229&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=141&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QkfFUs3lWr&p=https%3A//www.helpwelp.com&dtd=232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 18:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 18:07:25 GMT
cookie.js
partner.googleadservices.com/gampad/ 		189 B
207 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.helpwelp.com&client=partner-pub-6309423508203138&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/async-ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a596a0710d3bf40875dbae25f962e9d9e3755b6528395df84d9814077da50be9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
185
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame AD18 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6309423508203138&plah=www.helpwelp.com&bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.helpwelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72970
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 21:11:26 GMT
etag
10353107486223812946
expires
Mon, 12 Dec 2022 21:11:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame D4B5 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6309423508203138&plah=www.helpwelp.com&bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.helpwelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72970
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 21:11:26 GMT
etag
10353107486223812946
expires
Mon, 12 Dec 2022 21:11:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame AD18 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Nov 2022 17:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 16:13:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Nov 2022 17:27:36 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AD18 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 16:26:20 GMT
x-content-type-options
nosniff
age
3676
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 29 Nov 2023 16:26:20 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AD18 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:15:20 GMT
x-content-type-options
nosniff
age
736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 29 Nov 2023 17:15:20 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame AD18 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 16:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
3031
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8086
x-xss-protection
0
server
cafe
etag
7427986489964165156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 16:37:05 GMT
Responsive_listing.html
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame C178 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26491
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
1157
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 10:06:05 GMT
etag
11900953634711111692
expires
Wed, 30 Nov 2022 10:06:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame D4B5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C0aA-B0GGY_evKcWptwepiJPICI7O8L1tht2l6bcQiPvzjYcMEAEg8YHPIWCVgp-CsAegAf7WxdYDyAEJqQI2xCqwW2SxPqgDAcgDywSqBKsCT9BlYCGkjYXOI75R-LFnmwfm9BkMPEUOu6NE2tBwvg_jwNaFJpURNYx_NG1E08oWhSEYps9793gaq9ogQYQiji8qqDxHWBAN6x2-_FQHDHH263Nqps6l3XPgBG6cmjj9U6gSS3QZHwa-d9ZT84GwXmYR4HMykjFuEttfMSYuULk6sluiMHCYDYts-RSwsMZRWbPGPYCnMH9CzU0uX5IrKQ3M0bXKZXGdY5JB1G5D3kWRa_xHSFJhHtTCF2_sB_NsQVQ8Eag-EVrxZp5G-YKJPljww4I8ZH1DFao-AmOd_xi-G23m3yH-IBvff4ZninD5Srr4KYpAUVBDWm4jJIQMZfLLdhpwBbQuBdvULlxWZNXLdVJmQPo0MrNvQGnR5Z8e1w1pg-bpmwjF_arABJ38rpCOBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfJ09YdqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEOf5HtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMLiBQB0BUBgBcBshccChoIABIUcHViLTYzMDk0MjM1MDgyMDMxMzgYAA&sigh=5HjEQmAcrOk&uach_m=[UACH]&cid=CAQSGwDq26N9RsrdtFdhwZYOloyPm5qa1N6-gGV37BgBIBM&template_id=494
Requested by
Host: www.helpwelp.com
URL: https://www.helpwelp.com/jobs/171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 29 Nov 2022 17:27:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame D4B5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
14540
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 13:25:16 GMT
Configurable_01_122.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C178 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 09:50:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27413
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26222
x-xss-protection
0
server
cafe
etag
15511454539072389427
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 30 Nov 2022 09:50:43 GMT
Responsive_listing.js
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame C178 		199 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 08:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32338
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69148
x-xss-protection
0
server
cafe
etag
5199203132765013944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 30 Nov 2022 08:28:38 GMT
Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame C178 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:13:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
818
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1758
x-xss-protection
0
server
cafe
etag
15825927903621683888
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 30 Nov 2022 17:13:58 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame E000 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1910
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 16:55:46 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D4B5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 16:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
2567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 16:44:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D4B5 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 10:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
26207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 10:10:49 GMT
css
fonts.googleapis.com/ Frame 877F 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Nov 2022 17:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 16:17:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Nov 2022 17:27:36 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 877F 		2 KB
766 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 10:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
24370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 10:41:26 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 877F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
14540
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 13:25:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 877F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 16:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
2567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 16:44:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 877F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 10:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
26207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 10:10:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 877F 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 17:27:36 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame 877F 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 15:56:11 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C178 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
27998
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 30 Nov 2022 09:40:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D4B5 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 17:27:36 GMT
truncated
/ Frame D4B5 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fab006b7d781def9f518de2de356e2858950bc8dae4d6ec1d2023715ae9625df

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame E000
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:27:36 GMT
expires
Tue, 29 Nov 2022 17:27:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:27:36 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame DCE8 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1910
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 16:55:46 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame C178 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Nov 2022 17:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 16:47:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Nov 2022 17:27:36 GMT
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame C178 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 18:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 18:07:25 GMT
16037908009176458854
tpc.googlesyndication.com/simgad/ Frame C178 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16037908009176458854
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a07bdf966e62dfadecb403a3eabc81af7ce9f01c8420fa47e3968eedd77a6e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 09:26:20 GMT
x-content-type-options
nosniff
age
547276
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90145
x-xss-protection
0
last-modified
Tue, 28 Jul 2020 07:00:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 23 Nov 2023 09:26:20 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame DCE8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:27:36 GMT
expires
Tue, 29 Nov 2022 17:27:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:27:36 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C178 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 13:14:53 GMT
x-content-type-options
nosniff
age
360764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 13:14:53 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C178 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 05:09:29 GMT
x-content-type-options
nosniff
age
389888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 05:09:29 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C178 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 20:22:20 GMT
x-content-type-options
nosniff
age
335117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 20:22:20 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CAFD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvTWzLd9TekgdziLjMMx_ekgV1NSlH86raGEblMH8x6U4ZkM1xENiPgukBK8z0l5_HbhWj-XNkxXGAMMCXNXy3c7hpHPaC7g9J8xcU9cJyZe7_S5lfXM3YhRWnObSUukZK5NKFAA&sai=AMfl-YRv8Luiwq1pNpwpVioYGgnclsdPyuGRFtQdMNEJnmw2LyRf9pBordDLAOsqPT1ONhQdA2iPUyPGSaeSxi8&sig=Cg0ArKJSzNsnlG_MM-KoEAE&cid=CAQSGwDq26N9EHTqLLaIpvPXU_s6P8UnmG0gYvmKzRgBIBM&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3088186576&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669742855599&rpt=1068&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:27:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame D9AF 		3 KB
601 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Nov 2022 17:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 16:01:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Nov 2022 17:27:37 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D9AF 		2 KB
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 10:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
24371
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 10:41:26 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame D9AF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:25:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
14541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 13:25:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D9AF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 16:44:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
2568
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 16:44:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D9AF 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 10:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
26208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 10:10:49 GMT
l
www.google.com/ads/measurement/ Frame D9AF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQh5YVN27YWEyboQnbCDt03ICQ6S8ctl0c6-wBmH8nl3w78B5OfMQyzVIhjm0Esz8-uUyzub0Bz2jUuCEDTjROnmE-WsA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D9AF 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 17:27:37 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame D9AF 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 15:56:11 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D9AF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CQDjKCEGGY8_-K-WvhQaVnZfYBI7O8L1tht2l6bcQiPvzjYcMEAEg8YHPIWCVgp-CsAegAf7WxdYDyAEJqQI2xCqwW2SxPqgDAcgDywSqBKsCT9BnSPb8CakOPDyINT_ldYHihf43wuzIG74UYfsnekDidCrITh7iN3c7BYaoyLQOJrTC-CkLRHbmngQkGvsRA4ISXd9HC2U3VPPxfOziq5dq9SU8XNs3lCR2lcnUVh0AqGkmytWJbrinTF7si483WzOlEafm3m9sL4X4wRa6MmM7eIE2O2oB7lNkWjvvsuCbXS932mStcgCwZvcPOkRxafbGi-cZ1SDKxqu4TupZ5Ufi515_v9gYkEAb6FA8JwA0Cc3nireS58p48IbI-q4y0kuwPXIh3h2CHnCwyGjaDopKVw4PPWBBAoEytYx9mzj2T6xcpW83e4F5cpkN8j76fybbymqLVkxTNAECww7ioJroON8II3XvKDixgDp-6rb-YYyHmHcxPjGtC8DABJ38rpCOBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfJ09YdqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEELaJHtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMLiBQB0BUBgBcBshccChoIABIUcHViLTYzMDk0MjM1MDgyMDMxMzgYAA&sigh=5KKUdu5xYcM&uach_m=[UACH]&cid=CAQSOwDq26N9mv4beFPsvrnVWIHT_wKrmNMzQiaRVZ77e0RP18bYD_DO2m5sAuY62Wh2keXpl56w-8VSZnqfGAEgEw&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 29 Nov 2022 17:27:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
14831501328155147756
tpc.googlesyndication.com/gpa_images/simgad/ Frame D9AF 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/14831501328155147756
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccb2124b5036ca7381e0539827143897fe2f197fd16cedbc33e7cf2f400393f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 00:49:54 GMT
x-content-type-options
nosniff
age
59863
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90291
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:47:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 29 Nov 2023 00:49:54 GMT
5776365662567657094
tpc.googlesyndication.com/gpa_images/simgad/ Frame D9AF 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/5776365662567657094
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6491fc04dada4db3ece72c27c9a9e734d5e76c7896040abb433a491f269ae97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 09:40:09 GMT
x-content-type-options
nosniff
age
287248
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114159
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:32:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 26 Nov 2023 09:40:09 GMT
4593688661529639532
tpc.googlesyndication.com/gpa_images/simgad/ Frame D9AF 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/4593688661529639532
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3ed9117c2675af0bb1776483c735371ea5c9defea473085fb52489b9d13bbcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 02:07:10 GMT
x-content-type-options
nosniff
age
400827
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132299
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:32:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 25 Nov 2023 02:07:10 GMT
7268999505913797273
tpc.googlesyndication.com/gpa_images/simgad/ Frame D9AF 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/7268999505913797273
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aed78814edbf1e0fc25278cb1910e2512593f29ee90c449a534f9502186da3a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 05:40:53 GMT
x-content-type-options
nosniff
age
388004
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
169954
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:38:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 25 Nov 2023 05:40:53 GMT
16037908009176458854
tpc.googlesyndication.com/simgad/ Frame D9AF
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXm47xPBD1Axj0AzIIccjc9IUixoY
  • https://tpc.googlesyndication.com/simgad/16037908009176458854
88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16037908009176458854
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a07bdf966e62dfadecb403a3eabc81af7ce9f01c8420fa47e3968eedd77a6e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 09:26:20 GMT
x-content-type-options
nosniff
age
547277
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90145
x-xss-protection
0
last-modified
Tue, 28 Jul 2020 07:00:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 23 Nov 2023 09:26:20 GMT

Redirect headers

date
Tue, 29 Nov 2022 10:00:42 GMT
x-content-type-options
nosniff
server
cafe
age
26815
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/16037908009176458854
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 29 Dec 2022 10:00:42 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B5AF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 10:44:06 GMT
etag
48472445140208031
expires
Wed, 30 Nov 2022 10:44:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D9AF 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b49fc1a5ca3b937e6ef8b62c2bb0d592f2dad726060dd011facd1fe0de1942bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame B5AF 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEF3hVPrz3-GaA4T1K0fuKDQ&google_cver=1&google_push=ASkJ3FZXUjHRm2CWwJcuAsmROUchCtv1bAhBX97y7sJ4pn2sO8PeZ5EXGlREdVuoMeQjEyDekurKHy1ebvkjq6YlAh5UiyJF2MM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:27:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame B5AF 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FaNPSRvF-pPo-USNQbY3XhHxzlblPbRPg66eXXYMRC2b6CFhqSV-Nl2G45hZB8ZrGyoMG4J2F3ZR7ddtADwAJ1NUtV_U7g&google_gid=CAESEGMeU6oSyA3y2kx3mBcQVzQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame B5AF 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHjrUqhluetG_5F-HppcfDc&google_cver=1&google_push=ASkJ3Fb2iZmQEZNWc7M_zyRuLBudJPQuddvCnE6z3lAWvRh6FslfPJvfj38G448AIA9k8I_SHXrBJkzrs8lws7WWuoBpzizbe04
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:27:37 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
jo03gvj69j7ilnk361po47qc6q6pgg5o
pixel
cm.g.doubleclick.net/ Frame B5AF
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eq-nzW2VSBO9AXvClUwAaw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eq-nzW2VSBO9AXvClUwAaw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaWegDVxGEY2UrhK1zzOcBXMZ1BKE9CyH21_3w6rpl1vc-TQOWQ8erPSVPvwEcrPekVWm98CEq879C_owkiWPgeYpH244E
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:27:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eq-nzW2VSBO9AXvClUwAaw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaWegDVxGEY2UrhK1zzOcBXMZ1BKE9CyH21_3w6rpl1vc-TQOWQ8erPSVPvwEcrPekVWm98CEq879C_owkiWPgeYpH244E
date
Tue, 29 Nov 2022 17:27:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B5AF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFIyblK3KQn3t-Y9A2ejlOU&google_cver=1&google_push=ASkJ3FYIGXjF-uEsSfP15ABVIBAuMi0PmPzKQq62XmiGgl7d8UGskYKjIn3eptjcAi66jNHgTkK...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIySFNBV0UtMVItOTk4MA==&google_push=ASkJ3FYIGXjF-uEsSfP15ABVIBAuMi0PmPzKQq62XmiGgl7d8UGskYKjIn3eptjcAi66jNHgTkK0qnYcZPYFS6cN_C4ZVQwFsA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIySFNBV0UtMVItOTk4MA==&google_push=ASkJ3FYIGXjF-uEsSfP15ABVIBAuMi0PmPzKQq62XmiGgl7d8UGskYKjIn3eptjcAi66jNHgTkK0qnYcZPYFS6cN_C4ZVQwFsA
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:27:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIySFNBV0UtMVItOTk4MA==&google_push=ASkJ3FYIGXjF-uEsSfP15ABVIBAuMi0PmPzKQq62XmiGgl7d8UGskYKjIn3eptjcAi66jNHgTkK0qnYcZPYFS6cN_C4ZVQwFsA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame B5AF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL2OjCPWps0UEpiGcjZOlT8&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL2OjCPWps0UEpiGcjZOlT8&google_push=AS...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL2OjCPWps0UEpiGcjZOlT8&google_hm=Y4ZBClOcMd1abktvUedCqwAABI4AAAIB&google_nid=index&google_push=ASkJ3FbGnzg_CfYyBHfbmTnhuQhx3Xgcx5u8C...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL2OjCPWps0UEpiGcjZOlT8&google_hm=Y4ZBClOcMd1abktvUedCqwAABI4AAAIB&google_nid=index&google_push=ASkJ3FbGnzg_CfYyBHfbmTnhuQhx3Xgcx5u8CLHmEBdbimtOZNga8Pbxw_5GNpP94A82heLmGMeefXJmNi2GPg3hEW-OH8mKLQ
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:27:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:27:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jc4Pl9C8c1%2F2Sn70GWi1XVVc0h%2B1n0FLcZhW9pdcCGltQKRwnzxoXRLFuBpCFxTAUsGhS5QrX3W%2BJMZ9yqSiTcAUbnxnrZ2xjVpVjIQC87L4x1qEQxGekHy0c8Ifr%2FnanA%2Fmud%2FKCRQcVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL2OjCPWps0UEpiGcjZOlT8&google_hm=Y4ZBClOcMd1abktvUedCqwAABI4AAAIB&google_nid=index&google_push=ASkJ3FbGnzg_CfYyBHfbmTnhuQhx3Xgcx5u8CLHmEBdbimtOZNga8Pbxw_5GNpP94A82heLmGMeefXJmNi2GPg3hEW-OH8mKLQ
cache-control
no-cache
cf-ray
771d0e1f0f63bb8f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
trk
ag.innovid.com/ Frame B5AF 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESELyXdOoMrnyC5pblxcCjC-c&google_cver=1&google_push=ASkJ3FYGeC6RA7n8njmBwIv2F6k7njIYdBsHP0LfzykjypurO78F3If0dUOTASUqq_AoBrWuCvZNuIxa5RFKUNn2duDC3gFq7w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 29 Nov 2022 17:27:38 GMT
cache-control
no-cache
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame B5AF 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KngnBaomMvJ9GkUC07irrSUsRNGAwSVGcGhO822Gx10eCwfLIdRzHM6eWZA5wSyytkMgQE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame D9AF 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:44:30 GMT
x-content-type-options
nosniff
age
585788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 22:44:30 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame D9AF 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 21:33:43 GMT
x-content-type-options
nosniff
age
330835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 21:33:43 GMT
like.php
www.facebook.com/v2.8/plugins/ Frame 960B 		0
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28bf02ab62b404%26domain%3Dwww.helpwelp.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.helpwelp.com%252Ff84875c7616b14%26relation%3Dparent.parent&container_width=500&href=https%3A%2F%2Fwww.facebook.com%2Fflexindian%2F&layout=standard&locale=en_GB&sdk=joey&share=true&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=0c45227a3f10be9e07cef3dd58f39dfd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.helpwelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 29 Nov 2022 17:27:38 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
jBwbtCdcr25XS4FOYZIZbC6VkvS0EMl2qR0fU2+QmuUzT/EglVB2VqPuQ7sOJMU+kswMdFVBdt3452W2EkOq2g==
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6309423508203138&plah=www.helpwelp.com&bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8128fd1816b8eaffe63cd60f47dfd4d4ec30d29d5ba3e8c05b8a25a335daca1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11208
x-xss-protection
0
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 9869 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6309423508203138&output=html&h=280&adk=1246942656&adf=681004754&pi=t.aa~a.4049339859~i.5~rp.4&w=888&fwrn=4&fwrnh=100&lmt=1669742856&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5984660677&ad_type=text_image&format=888x280&url=https%3A%2F%2Fwww.helpwelp.com%2Fjobs%2F171731898-data-entry-operator-i-contract-work-from-home-remote-anywhere-in-the-us-at-elevance-health&fwr=0&pra=3&rh=200&rw=888&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669742856622&bpp=2&bdt=1518&idt=2&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ae32f002ef9906a-22dcf12bf4d70030%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ&gpic=UID%3D00000b8a2b853010%3AT%3D1669742855%3ART%3D1669742855%3AS%3DALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=1562776931008&frm=20&pv=1&ga_vid=1078853344.1669742855&ga_sid=1669742856&ga_hid=456187929&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=196&ady=1980&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531706%2C31070924&oid=2&psts=AMjMPc2ykC2ZEw9BwCdHmi0NrKLwARWEhlJa581NP1_AnUT61wiK-hGtgKDXPSMi5_RHpSRiWRKl4oqtiEN7aR4&pvsid=2310650122094428&tmod=497382290&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ko5IIqFj2Q&p=https%3A//www.helpwelp.com&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 18:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 18:07:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6309423508203138&plah=www.helpwelp.com&bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Nov 2022 17:27:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F05A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.helpwelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2503
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 16:45:55 GMT
expires
Wed, 29 Nov 2023 16:45:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 95B4 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c77a0c200eddca8366077e61ee0e6f1166cff951f4b366986ed56ad138cc291d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0ajOQuaFdKHEyrUAJLDVdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.helpwelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-0ajOQuaFdKHEyrUAJLDVdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 17:27:38 GMT
expires
Tue, 29 Nov 2022 17:27:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame D4B5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvargbgM5GDDuG_zh2zJ61OGID4tgtD_naDzOZJe67G2nNs5yNcXud1X0xEamiTAbPKFeu7etl9SiJvhoZaWORoMFfkUnX0x4OIIY2hjk6Y4_CIVh87WwCsdgOoWgVoC3UAce2xwA&sai=AMfl-YSqZC-YMPygTQElAab7d__K9MZm80J6Yz9gddP5AQK3C3X20Xn6zUhfdkUFreK0CwOsshasmXV3NNtJSPE&sig=Cg0ArKJSzJA2ays4hA09EAE&cid=CAQSGwDq26N9RsrdtFdhwZYOloyPm5qa1N6-gGV37BgBIBM&id=lidar2&mcvt=1006&p=0,0,124,1005&mtos=68,773,1006,1085,1097&tos=68,705,233,79,12&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669742856767&rpt=269&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Nov 2022 17:27:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame F05A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 18:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 18:07:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 95B4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2310650122094428&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F05A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SL3eWg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:27:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2310650122094428&bg=!Pj2lPXnNAAbvMpMzzzI7ACkAdvg8WmXRxsS5ok5-dpn3cMAOjYpqNg2V49hAhWpsT4_CLy_Tj43YxgIAAABVUgAAAARoAQeZArDikBOGDyDbqoKXLbeCpEeCe0eLs8bKWmKKGmI2aGvVMPR2a80B50ytP3Q6Q4q1hL2zx8Q7AMH4eJfbnwwv2OrqCUWWqSh2qSdkZZ_gSTjM9F6eT9Ac6PTGVRI8-65X93d-z2PSlU_fZTMgKRHJll5oxjZp32KdH-LF3-McVs7fDOn_J3-MFMh7pOWEpitHNexHWIOxMJg8XbrRjSAyCksRCOIP8eEM18Vokk1mtGQjDO77WyMuTxcW7WzFc5TG9OIyIWBXV9KKnp0A5D4XIbkHQfJKHs7CIHicNYzU7xAjfs5Yz_USPdbi0vddhEGORsglTEP6ma1Kumn9g0aGd0m4dtjw6QvhnhRZgFhSZwZqJxng_fah5S3zL9a_pMsURcrg231JKZYp9Dc4esQCYRRIDLeP-6MEw9cFJ86IRrZssfkxRvn2AL-KHMWjMSBVen2j3EXXWO75aKo6AMkNi-2LFhX--d1r9WkDYBXlzSF3V9AHessWSP71UHpVSpmQSVb9bbJFYdNh-YSI1SW5LClry72-bCDx7VQZxa1o8J3dSaFyhFIoxJYLHb0WakynrJKtvXDbMDreGYJny4SXoVgrPhTsB93LtdIbe1JY2S25nTNDync2Wuj7FrVOPNhx3dFdQnNkMFzigtTAV04oQUrrV-WkyQL17Y1Eahq1wlLZqE8exg3UAH2FNBtEgwurj88gYdBRXtoD9VQDBZ0-F6HF0-4CivIw0ywymVg--Ncr1tgtPUlZtNzKG1HrqTa6omFOF_w3-tLxO5v_izj1HP1853B2xAsF7oU4RmXzU7Vku9mwnE3XxWzSD3kFvIil8GFXo6gy-UjUyQyPKX2G0ci-ix-cYqpR56my96FV0FgCTzg5NtRVoc6pGI9zlSmnvHithzTyPpw7z8Y245bmPWOW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.helpwelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| dataLayer function| limitSelections function| dig function| process_ajax_modal_sign_up function| process_ajax_modal_login function| setBrandIcon function| setElementStyle function| handleStripeFormChangeCardNumber function| handleStripeFormSubmit function| markFormSubmitted function| unmarkFormSubmitted function| verifyAuthToken function| stripePaymentMethodData function| handleStripeError function| displaySessionTimeoutError function| chargeForStripeSale function| createStripeToken function| createStripeSubscription function| mobileWidth function| toggleMobileSearchBar function| showMobileSearchBar function| hideMobileSearchBar function| mobileSearchResize function| getParameterByName function| capitalize function| typeOf function| hideNonCompliantBoost function| parseBooleanStyle function| registerAsset function| registerPostAction function| initialAssetLoad function| setAndLoadAtLevel function| loadAssets function| isAssetLoaded function| loadAsset function| isTrustArcCMALoaded function| loadAtCMALevel function| runActionIfAllowed function| copyToClipboard string| prepend function| check_input boolean| stripeFormSubmitted object| originalPaymentButtonText string| jQueryFormButtonId object| stripeElementClasses object| stripeElementStyles object| stripeElementOptions object| optimizedResize object| URI object| trustArcLevels function| $ function| jQuery object| jQuery112405483473942751722 function| initializeMultiselect object| mobileSearch function| BraintreePaymentForm function| Cookies object| dataConfirmModal object| trustArc function| track_click function| track_links boolean| jbio_ga_enabled string| GoogleAnalyticsObject function| ga object| mixpanel_events object| mixpanel function| enableLocationAutocomplete function| card_click object| I18n string| linkurl string| locationurl object| __twttrll object| twttr object| __twttr object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| AMP object| FB object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| __buffer function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp function| _googCsa number| googleNDT_ number| googleAltLoader object| google function| __sasCookie object| GoogleGcLKhOms object| google_image_requests

22 Cookies

Domain/Path Name / Value
.helpwelp.com/ Name: _job_board_session
Value: a68ac5aeaf5069e566b4d41c4342e073
.www.helpwelp.com/ Name: __cf_bm
Value: uoJSGhLINeyPkRtjUBzb5JHqF8ZG3AgFOQAysUd8xcQ-1669742855-0-AVTRNfTvD03Z6GevNltlUh9bQ8y64bQ+Op5cobkvwOxUgG1k/HNIYNLcazyWgWd+ezYDVWWTg0Goqlo3pL656/k=
.justanswer.com/ Name: __cf_bm
Value: 2iVCp2cPCOkI.S0JG_0SwxtIQZHS92I5XlhdKhDZy7g-1669742855-0-AZte4SmG1ieA1a5IOyhddJ/KuF4RtkNxkKLnlXcrUVpGRXIOibRJV8E1b9Kx898J9YQB3JykfaTzNPIF/ucPiE0=
.helpwelp.com/ Name: _ga
Value: GA1.2.1078853344.1669742855
.helpwelp.com/ Name: _gid
Value: GA1.2.1474388837.1669742855
.helpwelp.com/ Name: _gat
Value: 1
.helpwelp.com/ Name: _gat_jbo
Value: 1
.helpwelp.com/ Name: __gads
Value: ID=1ae32f002ef9906a-22dcf12bf4d70030:T=1669742855:RT=1669742855:S=ALNI_MbGAjzH-e3o64xrJDle-a2dq80NtQ
.helpwelp.com/ Name: __gpi
Value: UID=00000b8a2b853010:T=1669742855:RT=1669742855:S=ALNI_MYD6W00ncfrdYfM5P-pyz3Ces64nQ
.doubleclick.net/ Name: IDE
Value: AHWqTUlNTtkA8V0umg-pztp8AMKYzej6eUVA0PTYTv8rEbTjfjUITfsiKjh2AniieGw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.helpwelp.com/ Name: __gsas
Value: ID=a96709f43ed1685c:T=1669742856:S=ALNI_MapC3BhL0BPyTNCCNyjGtsheGE2Rw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.quantserve.com/ Name: d
Value: EGcBCQHYJ4EA
.quantserve.com/ Name: mc
Value: 6386410a-03aa7-f6cba-eab7b
.casalemedia.com/ Name: CMID
Value: Y4ZBClOcMd1abktvUedCqwAA
.casalemedia.com/ Name: CMPS
Value: 1166
.casalemedia.com/ Name: CMPRO
Value: 1166
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7AAFA7CD-6D95-4813-BD01-7BC2954C006B
.casalemedia.com/ Name: CMTS
Value: 3393
.innovid.com/ Name: uuid
Value: 8ebc5dfc-371e-4d8e-b6bd-87a7bc50ba9d-20221129 12:27:38

5 Console Messages

Source Level URL
Text
network error URL: https://components.justanswer.com/js/ja-gadget-virtual-assistant-config,ja-gadget-virtual-assistant-subtle
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://components.justanswer.com/css/ja-gadget-virtual-assistant-subtle
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://trk.justanswer.com/aff_i?offer_id=2&aff_id=10447&file_id=2468
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FaNPSRvF-pPo-USNQbY3XhHxzlblPbRPg66eXXYMRC2b6CFhqSV-Nl2G45hZB8ZrGyoMG4J2F3ZR7ddtADwAJ1NUtV_U7g&google_gid=CAESEGMeU6oSyA3y2kx3mBcQVzQ&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cdn.ampproject.org
cdn.syndication.twimg.com
cm.g.doubleclick.net
cms.quantserve.com
components.justanswer.com
connect.facebook.net
d6dyoorq84mou.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
jobboardio.s3.amazonaws.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
platform.twitter.com
rtb.openx.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
trk.justanswer.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.helpwelp.com
www.lduhtrp.net
www.yceml.net
104.16.42.9
104.244.42.72
172.217.16.130
172.64.154.237
198.47.127.19
23.205.245.232
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700::6811:57cc
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2003
2a00:1450:400c:c0b::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832
34.248.6.121
35.227.252.103
35.244.174.68
52.217.81.252
52.222.232.69
69.173.144.139
89.207.16.75
028558d7df6f9debf5df6d8a776d0e225e0082f2c455d1a840452e0f3b1cb4dc
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0baafeead4481071ad4ac8e7b389eb4f42d43d2ff9c9ca40ee0367b075879acb
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795
23e0fe6c73e85db1e24bf07d26751d9137e4f544c3ea19cb0776a5033f57f5a2
2c71445ec9538a4d031b32ba0f044ae793aac625896846f838f9c8abace99c08
2d3d347d1f287357f3a7a22ee99ca3e70d25f0310d8173acd4e07c95bdc15f24
2f397d2c3d5a26597348a32c781dff7eb382580a1496de27a418b587501dcdaa
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3881a65b6b4d80444394a8625197ae97f33de520bbd66527e0c28888bb387e5e
3919ee5458f2919080c7491af18fe4d33d9775d16b03191733f8cc9870f85340
3c75e52a2ca2ffcc05363d11854f68977f2d376c15d231b396816e90bde25ad9
495b2300f6a345668d6ccbb88e98fcf85848097c037d0c58cc99eee897e6cd51
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50fb33bfc02373d85bbefeb1701eb512b83818bbec45760207b595a13d469aa1
54ff9917daf6f89618357ef569223a5bd81eb9ef0255509aa77167cd9ee9e458
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
665aace6596b2ed84478f6af01ff78364a5f2edcc4a7809ed6b0eedbb1756e41
6ae53b07981fd201eb507bed7d8eb2aff2a8d489763ea4b4ff615ab9df9c98c1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7d179272a3476557110e052a8a9723c73472e6791e23150c347295207296834b
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
8128fd1816b8eaffe63cd60f47dfd4d4ec30d29d5ba3e8c05b8a25a335daca1e
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8f3b76164c64eda1fadbb43b84cfa3a0cb7cac93b1b5c3817adad8f6cb83cee5
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
96b0ca402905d12da7e5e09505a74b937e1d52797f02ae74e2c9e54fb41c6444
9718b697bab3b7d113197d1b1acbb3bf53d1659f185533b286b12d308c245d59
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aca874fb300c10b55a3d43e4cc65d3d4716addaa9c22a69ee06cf6a93c22706
9c0a2f361a3da33b830111d33cd83e68f6ea98c1ff7a86fa4bb200a78880921e
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a07bdf966e62dfadecb403a3eabc81af7ce9f01c8420fa47e3968eedd77a6e99
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a596a0710d3bf40875dbae25f962e9d9e3755b6528395df84d9814077da50be9
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed78814edbf1e0fc25278cb1910e2512593f29ee90c449a534f9502186da3a1
af465ff34b5e2a08777524acb7b35a528818e8195bbc8dbf88bc8b26ce2edd5a
afae570e96953be8e6bd43a0cb393092498f5a6e9fc629f58cd1a1eee08eec10
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b49fc1a5ca3b937e6ef8b62c2bb0d592f2dad726060dd011facd1fe0de1942bb
b522b8255b11912d278a6800c1225ae97a119821b14fbd502d60feb46eceb0b6
b947ce8452262df7f82a00adb1ea2369cd3c9a9b98f5f7d8c087b1bd3c03cd70
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c29aebc6ee24dd2a667624715b17de2ed2b5a89c12c046241b3502c4f94bd832
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
c3c8663a8ebd51ba31c0eb5ee4351be7da1e0712bf2e6affddab7231b29b944a
c77a0c200eddca8366077e61ee0e6f1166cff951f4b366986ed56ad138cc291d
ccb2124b5036ca7381e0539827143897fe2f197fd16cedbc33e7cf2f400393f4
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d6491fc04dada4db3ece72c27c9a9e734d5e76c7896040abb433a491f269ae97
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ed9117c2675af0bb1776483c735371ea5c9defea473085fb52489b9d13bbcc
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fab006b7d781def9f518de2de356e2858950bc8dae4d6ec1d2023715ae9625df
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
febf5222344514f9b701c21c65640d1e79153ae7db31d3d69362f753d9b7ea83
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48