52.64.66.132 Open in urlscan Pro
52.64.66.132 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://52.64.66.132/
Submission: On March 03 via manual (March 3rd 2022, 3:34:04 am UTC) from AU — Scanned from DE

Summary HTTP 201 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 40 IPs in 4 countries across 32 domains to perform 201 HTTP transactions. The main IP is 52.64.66.132, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is 52.64.66.132.

This is the only time 52.64.66.132 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
73	52.64.66.132 52.64.66.132	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	52.217.225.120 52.217.225.120	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
10	2a04:4e42:600... 2a04:4e42:600::622	54113 (FASTLY) (FASTLY)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700::68... 2606:4700::6813:d983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
17	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2.16.186.32 2.16.186.32	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.86.117.43 54.86.117.43	14618 (AMAZON-AES) (AMAZON-AES)
1	184.73.240.29 184.73.240.29	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6812:863	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.217.16.251 3.217.16.251	() ()
201	40

73 52.64.66.132 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com

52.64.66.132	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.225.120 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

spatialsource.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.75.88.126 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:d983 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

plugin.mediavoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.69 (United States) 1 redirects

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

16a4ca9b513ff1fdd6601bca6b2a9898.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.32 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-32.deploy.static.akamaitechnologies.com

embedwistia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.117.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-117-43.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.240.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-240-29.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:863 (United States)

ASN13335 (CLOUDFLARENET, US)

polarcdn-engine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.217.16.251 (None, )

ASN- ()

fg8vvsvnieiv3ej16jby.litix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	gstatic.com fonts.gstatic.com csi.gstatic.com www.gstatic.com	401 KB
18	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 pubads.g.doubleclick.net — Cisco Umbrella Rank: 494	260 KB
16	googlesyndication.com 16a4ca9b513ff1fdd6601bca6b2a9898.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122 pagead2.googlesyndication.com — Cisco Umbrella Rank: 90	766 KB
10	wistia.net fast.wistia.net — Cisco Umbrella Rank: 6593	358 KB
9	google.com www.google.com — Cisco Umbrella Rank: 2 apis.google.com — Cisco Umbrella Rank: 83 adservice.google.com — Cisco Umbrella Rank: 57	74 KB
6	addthis.com 1 redirects s7.addthis.com — Cisco Umbrella Rank: 1373 m.addthis.com — Cisco Umbrella Rank: 1332	218 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	181 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	14 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	198 KB
3	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 635	273 KB
3	akamaihd.net embedwistia-a.akamaihd.net — Cisco Umbrella Rank: 7429	238 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 2955 onesignal.com — Cisco Umbrella Rank: 1292	73 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251 fonts.googleapis.com — Cisco Umbrella Rank: 35	33 KB
2	litix.io fg8vvsvnieiv3ej16jby.litix.io	172 B
2	polarcdn-engine.com polarcdn-engine.com — Cisco Umbrella Rank: 9685	560 B
2	wistia.com distillery.wistia.com — Cisco Umbrella Rank: 5677 pipedream.wistia.com — Cisco Umbrella Rank: 5928	315 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8832 www.google.de — Cisco Umbrella Rank: 6433	1 KB
2	t.co 1 redirects t.co — Cisco Umbrella Rank: 448	883 B
2	mediavoice.com 1 redirects plugin.mediavoice.com — Cisco Umbrella Rank: 28103	137 KB
2	googletagmanager.com 1 redirects www.googletagmanager.com — Cisco Umbrella Rank: 54	278 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2544 pixel.wp.com — Cisco Umbrella Rank: 2476	3 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 464
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1542	1 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2051	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2038	21 KB
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 329	1 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 531	6 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2209	891 B
1	spatialsource.com.au spatialsource.com.au	10 KB
1	amazonaws.com s3.amazonaws.com	19 KB
0	intermedia.com.au Failed secure.intermedia.com.au Failed
201	32

	Domain	Requested by
16	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 52.64.66.132
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net
10	fast.wistia.net	52.64.66.132 fast.wistia.net
9	csi.gstatic.com	securepubads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	www.google.com	52.64.66.132 securepubads.g.doubleclick.net www.gstatic.com
5	www.googletagservices.com	52.64.66.132 securepubads.g.doubleclick.net
5	s7.addthis.com	1 redirects 52.64.66.132 s7.addthis.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.facebook.com	52.64.66.132 connect.facebook.net
4	connect.facebook.net	52.64.66.132 connect.facebook.net
3	static.xx.fbcdn.net	www.facebook.com
3	pagead2.googlesyndication.com	www.googletagservices.com
3	embedwistia-a.akamaihd.net	fast.wistia.net
2	fg8vvsvnieiv3ej16jby.litix.io	fast.wistia.net
2	polarcdn-engine.com	plugin.mediavoice.com
2	t.co	1 redirects 52.64.66.132
2	apis.google.com	52.64.66.132 apis.google.com
2	plugin.mediavoice.com	1 redirects 52.64.66.132
2	www.googletagmanager.com	1 redirects 52.64.66.132
2	www.google-analytics.com	52.64.66.132 www.google-analytics.com
2	cdn.onesignal.com	52.64.66.132 cdn.onesignal.com
2	fonts.googleapis.com	52.64.66.132
1	pubads.g.doubleclick.net	plugin.mediavoice.com
1	analytics.twitter.com	static.ads-twitter.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	pixel.wp.com	52.64.66.132
1	pipedream.wistia.com	fast.wistia.net
1	distillery.wistia.com	fast.wistia.net
1	onesignal.com	cdn.onesignal.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	www.google.de	52.64.66.132
1	16a4ca9b513ff1fdd6601bca6b2a9898.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	z.moatads.com	s7.addthis.com
1	static.ads-twitter.com	52.64.66.132
1	stats.wp.com	52.64.66.132
1	js.hs-scripts.com	52.64.66.132
1	spatialsource.com.au	52.64.66.132
1	s3.amazonaws.com	52.64.66.132
1	ajax.googleapis.com	52.64.66.132
0	secure.intermedia.com.au Failed	52.64.66.132
201	46

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
directory.spatialsource.com.au
shop.spatialsource.com.au
twitter.com
instagram.com
wordpress.org
www.woothemes.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-10` - `2022-03-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.wistia.com Amazon	`2022-03-02` - `2023-03-31`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.litix.io Amazon	`2021-10-28` - `2022-11-25`	a year	crt.sh

This page contains 12 frames:

Primary Page: http://52.64.66.132/
Frame ID: 51DC262C6B2D9F5D8341FFB39AF862A8
Requests: 133 HTTP requests in this frame

Frame: http://fast.wistia.net/embed/iframe/kdmm5j2n7u?videoFoam=true
Frame ID: 4E3277771124763758FB54DB0677E0C6
Requests: 17 HTTP requests in this frame

Frame: https://16a4ca9b513ff1fdd6601bca6b2a9898.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FD2E3713209D11073F72D832DF3EDABD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM-xrlA3Pgn2C0TOSKp1OMfdaEyWGYCPCNcsVIdDMA6Q9A8VCmR_uijOQqJiGaZamBEwKppHeo8-5xsCW1wCldfVQ2grCxVV30ROcA4FJEGZaFktbnd7oIlANtXwU2nSSPOdhG4skokiC8yKK9tOnwPdpnAyH2g7JZ6xBh4U4cFxolNt0ixgR8RABmZl2X95CA_a73sb1XkzWk0x7ehOf7WIWPGGSyc24-UCIS0CNPkCJ0Tt4NBmt3mVBb26_r5gcqSU_G_4XVo7CTY9JPRiK4E8n38H1tQZFVMMryXJI&sai=AMfl-YR24M77M83YLI3dX7e-5c-oXF7e8k0aZ5Nv4ROawlLs7fy0Ix4YmAS9jTGOeRmXMJbfVd1TjzBr06NzMVOqrJSszrt5jZDct0Nbo_cQpIJebku2GZiEu-S-uOWc_2HW&sig=Cg0ArKJSzHt4e1rn3k-9EAE&uach_m=[UACH]&adurl=
Frame ID: 4252D8FA127E31D4C42409E391202D14
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZAdoHGB8Lncel628GO4150oj9GjVEkmpQSmeQpWdfK1Ff0f5a4G7B0eYpMBJ7yNUCEIvebVZgedW1j968bYvdPMpAIfUKPif0yTQk1qWclLrUIIwwzyosyIDZvHJKdy7WnLWZ71t9DLxMrU79arsJeD7059-bRurXyBGlI3PsUU4gS94jHIdfjux2W2VhoPN0EgIfSxmeGvTMvrJ78AEk3fX5PJbwdgNEk94L_JpeFE_1Dj2bAP9hNYp6OfvWSCBLGrocGVrfZSyzIzTiSrVOz3-3geK3UAkuGcQeV1gb470&sai=AMfl-YT7VRiu0raCHyPGW_8y9Cd6_vMVFW2lg8gr-qn9GEh-TJ2Id2YehlQJSrRJxX-eyJfZy6j6pzp2Hy1DjbJqtYUqUrG-QXVO3nDNpZWSk4q8AYvX3Uhs_kbCrPfsXabw&sig=Cg0ArKJSzHtVVBUG8UceEAE&uach_m=[UACH]&adurl=
Frame ID: A6345ED308F3AA175A7381212E57DA9D
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvf8h-0KzBIW6aOjKVylcqBvqx1eezfJT4wlUD_pihSyDNaw1fBIpvj-3kHdOB7pv7_MMdIlYlyL5APmdjHXefY-ZmzOZi79dwTPEOwV1WunDRJeOsAe9hh0o-IzB2nKu3_-aubVbLKXBgM5vIkErPiQFJlfr5Bw3SjvCIfeWT-VS2dgFU2VOU1ONTzZLWwREUZ2r-mKFAxrARO9ebkPmePFE9iDKTIp6eAq4rBPvuKz7db3vggzoRDyjHR7keWp5vI3JnAwC5cFqds_mm23lyA0e3Bf2YqytXMFLppz9V1Gec&sai=AMfl-YRCXd4bnV98qA1-wM0ayzepHCZ71n8izE054o3VDj0LZJ9oAoUhFXz3w3wjJiZ4OE5PCk5U11LkpIw_PZ24S96_wJ6L6I-bG_GCfTmV6QXIHtD5133QSuy593gDhqSy&sig=Cg0ArKJSzCtdJXDqxjybEAE&uach_m=[UACH]&adurl=
Frame ID: 79D5185396E78127311445C14EE772F5
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOVXqp5c5uY53jCb1IwcKhk_evyEzLpDk9_Ym8-ZAj2AzmNsluh4AkEljIGY14h-KrR488LZK78S6RIWeZGn4nLsNEvYv0tUZbY6GCU0Hp_7wCvqWIQyVjdyuPM1LUEODTFNCv7EPgxJla735TZlsBeHlcS0oe26rC0IgWQDs1xRW6K770O5B8XzCEG7md0Ww8oVpzybhH5ZKH14nSvcOTLd0AsiRUKmYVVbrGIujvO53ymNsrbyqy_lzrR3BcgiPgLKJsBl6FcPJfn8VGv5ZDtPA8zZquactTC33V6kUh_A&sai=AMfl-YRuoyi7N9fbuByNwGzV4nxusy7AFIcgHDEv3LbiE0hdsO9p492o6md4L7Dg6_yOHvG_hN4kITbx5wkoknDWF7ayemVzva-S6qneMpuO55hC6QTVSw6A_ME0kjHJWrAz&sig=Cg0ArKJSzMDpGH5f_S7WEAE&uach_m=[UACH]&adurl=
Frame ID: 89FED7D2E3BA1A9D707A82EDD791142B
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E4863838B5382F565D04A5E581DFF6AD
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: BDAC1544CB10FBEC0EB911E1E91181AC
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 4A6A45DB86DDEE66DC3CBBDB859B736B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a16f84ec6e3f8%26domain%3D52.64.66.132%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252F52.64.66.132%252Ff2fac9581334c64%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FSpatialSource&layout=button_count&locale=en_GB&sdk=joey&share=false&show_faces=false
Frame ID: 644B441E7FD22D1158B487BBC0C54592
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQt7AUAAAAAAdXsdjH9vvrDYJNKEr5x9Qj4U3m&co=aHR0cDovLzUyLjY0LjY2LjEzMjo4MA..&hl=en&v=PdoyIVkd8v16xl_NMp3H0N1Y&theme=light&size=invisible&badge=bottomright&cb=mkv9rdgawa
Frame ID: 364BF469F0BC4B70A7720A4F40B1D7CB
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Spatial Source | news on mapping, geospatial, surveying & geo-dataFacebookTwitterLinkedInInstagram

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddThis (Widgets) Expand

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

201
Requests

49 %
HTTPS

67 %
IPv6

32
Domains

46
Subdomains

40
IPs

4
Countries

4586 kB
Transfer

10454 kB
Size

11
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/SpatialSource/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/position-magazine-&-spatial-source-com-au/

Search URL Search Domain Scan URL

URL: https://directory.spatialsource.com.au/listing/
Title: Directory

Search URL Search Domain Scan URL

URL: https://shop.spatialsource.com.au/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/SpatialSource
Title: FacebookFollow on Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/follow?source=followbutton&variant=1.0&screen_name=spatialsource
Title: TwitterFollow on Twitter

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/position-magazine-&-spatial-source-com-au
Title: LinkedInFollow on LinkedIn

Search URL Search Domain Scan URL

URL: http://instagram.com/spatialsource
Title: InstagramFollow on Instagram

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: http://www.woothemes.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 68

http://www.googletagmanager.com/gtm.js?id=GTM-TD47HF HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-TD47HF

Request Chain 95

http://plugin.mediavoice.com/plugin.js HTTP 301
https://plugin.mediavoice.com/plugin.js

Request Chain 96

http://connect.facebook.net/en_GB/all.js HTTP 307
https://connect.facebook.net/en_GB/all.js

Request Chain 101

http://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=74cd11d5-fcbb-48ce-94e6-1cb3b1651b26&tw_document_href=http%3A%2F%2F52.64.66.132%2F HTTP 301
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=74cd11d5-fcbb-48ce-94e6-1cb3b1651b26&tw_document_href=http%3A%2F%2F52.64.66.132%2F

201 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
52.64.66.132/ 93 KB
22 KB 749ms
480ms Document
text/html 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d / PHP/7.4.22
Resource Hash: 538c3c39d2dac9e28ce4ca66d174786d447dd0c8e5c95c91489a8d3a05c9ff21

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 03 Mar 2022 03:33:53 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
X-Powered-By: PHP/7.4.22
Link: <http://52.64.66.132/wp-json/>; rel="https://api.w.org/", <http://52.64.66.132/wp-json/wp/v2/pages/156>; rel="alternate"; type="application/json", <http://52.64.66.132/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22168
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style.css
52.64.66.132/wp-content/themes/spatial/ 28 KB
7 KB 270ms
269ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/spatial/style.css
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: e9ac20d6f4cb323614faff95543b7797f595b8271d442ffdd34e13c69137eb51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Feb 2022 03:32:49 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "6f0c-5d89300d8135e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6761

GET
H/1.1 200
OK ai1ec_parsed_css.css
52.64.66.132/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/css/ 261 KB
76 KB 522ms
271ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/all-in-one-event-calendar/public/themes-ai1ec/vortex/css/ai1ec_parsed_css.css?ver=2.6.8
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 1f8e22239135a453a36a74b154a42d357ba2bca8f77c0ae80f94998e6fca800d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Mar 2021 02:50:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "413b6-5bd119ddaa900-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK layout.css
52.64.66.132/wp-content/themes/canvas/css/ 9 KB
3 KB 537ms
269ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/css/layout.css?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 7e0eeb766cafb16415d9a67beffc717f4e7045982d40f47cdcfa706b92dc27f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 05:45:06 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "231b-5318507461c80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2266

GET
H/1.1 200
OK style.min.css
52.64.66.132/wp-includes/css/dist/block-library/ 79 KB
11 KB 540ms
271ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "13abe-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10523

GET
H/1.1 200
OK mediaelementplayer-legacy.min.css
52.64.66.132/wp-includes/js/mediaelement/ 11 KB
3 KB 538ms
270ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "2bf8-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2592

GET
H/1.1 200
OK wp-mediaelement.min.css
52.64.66.132/wp-includes/js/mediaelement/ 4 KB
1 KB 540ms
271ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "105a-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1156

GET
H/1.1 200
OK admin-bar.css
52.64.66.132/wp-content/plugins/anti-spam/assets/css/ 1 KB
834 B 539ms
270ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/anti-spam/assets/css/admin-bar.css?ver=7.2.7
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: bd9e1f6390136b9c83e656c6434f5007b910f584a7df35527fcdb1e883991282

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:11:45 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "563-5c9e1bfb9c240-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 486

GET
H/1.1 200
OK intermedia-hubspot-newsletters-public.css
52.64.66.132/wp-content/plugins/intermedia-hubspot-newsletters/public/css/ 98 B
453 B 806ms
268ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/intermedia-hubspot-newsletters/public/css/intermedia-hubspot-newsletters-public.css?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 02:07:26 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "62-5cbd6ed2ad380-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 106

GET
H/1.1 200
OK intermedia-sponsored-content-public.css
52.64.66.132/wp-content/plugins/intermedia-sponsored-content/public/css/ 98 B
453 B 808ms
268ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/intermedia-sponsored-content/public/css/intermedia-sponsored-content-public.css?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 01:40:54 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "62-5cd186bca6339-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 106

GET
H/1.1 200
OK bootstrap.min.css
52.64.66.132/wp-content/themes/canvas/css/ 119 KB
20 KB 812ms
272ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/css/bootstrap.min.css?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: c0b04ef697d6cff323e1711e53ace560b8da3f545489e5a6512a194ecf11de39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 05:45:06 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "1dda8-5318507461c80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 20137

GET
H/1.1 200
OK style.css
52.64.66.132/wp-content/themes/canvas/ 57 KB
12 KB 811ms
271ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/style.css?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 052fe48add4e67ecd7d654fae1461c62d4013d0c5675b2489b4f49f524987175

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2017 23:18:20 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "e24e-547f8f6b3e700-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12055

GET
H/1.1 200
OK /
52.64.66.132/ 6 KB
2 KB 977ms
437ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/?woo-css=load&ver=5.0.7
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d / PHP/7.4.22
Resource Hash: 92b201fc6b011771c26fa0aa3640fea583ef91950ebe3e037f409d0d30d6f2e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
X-Powered-By: PHP/7.4.22
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 1276

GET
H/1.1 200
OK jetpack.css
52.64.66.132/wp-content/plugins/jetpack/css/ 85 KB
17 KB 1063ms
272ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/jetpack/css/jetpack.css?ver=10.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 5aa600aea047cb99c7e2c22e7edaf89f0539a6772a21981636e21da89bed440a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 00:49:01 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "15369-5cd17b2371e38-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 17058

GET
H/1.1 200
OK generator.php
52.64.66.132/wp-content/themes/canvas/css/ 98 B
412 B 1075ms
269ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/css/generator.php?layout_width=1000&ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d / PHP/7.4.22
Resource Hash: 833599771226019fe97b2000ba61fbca1fa9fcaa84ca7f00273cc3afb6052d56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
X-Powered-By: PHP/7.4.22
Vary: Accept-Encoding
Content-Type: text/css; charset: UTF-8;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 108

GET
H/1.1 200
OK /
52.64.66.132/ 46 B
353 B 1203ms
394ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/?woo-layout-css=load&ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d / PHP/7.4.22
Resource Hash: bdfcdc59347ec3b9e38269a6a5938230d37da622d469c82142d23b6c0e422f17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
X-Powered-By: PHP/7.4.22
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 66

GET
H/1.1 200
OK jquery.min.js Show response
52.64.66.132/wp-includes/js/jquery/ 87 KB
31 KB 1338ms
274ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "15db1-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 30908

GET
H/1.1 200
OK jquery-migrate.min.js Show response
52.64.66.132/wp-includes/js/jquery/ 11 KB
4 KB 1349ms
274ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "2bd8-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4169

GET
H/1.1 200
OK intermedia-hubspot-newsletters-public.js Show response
52.64.66.132/wp-content/plugins/intermedia-hubspot-newsletters/public/js/ 838 B
841 B 1351ms
272ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/intermedia-hubspot-newsletters/public/js/intermedia-hubspot-newsletters-public.js?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 02:07:26 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "346-5cbd6ed2ad380-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 479

GET
H/1.1 200
OK intermedia-sponsored-content-public.js Show response
52.64.66.132/wp-content/plugins/intermedia-sponsored-content/public/js/ 838 B
841 B 1352ms
270ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/intermedia-sponsored-content/public/js/intermedia-sponsored-content-public.js?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 01:40:54 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "346-5cd186bca6339-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 479

GET
H/1.1 200
OK gtm4wp-form-move-tracker.js Show response
52.64.66.132/wp-content/plugins/duracelltomi-google-tag-manager/js/ 2 KB
702 B 1471ms
269ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: dfbdff6c9f2de2d75edb5ae49d26a9c0af81801b17de08739e32b738ef23058e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:19 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "600-5c9e1b705f9c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 340

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
30 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js?ver=5.8.3

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 19:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Mar 2023 19:05:54 GMT

GET
H/1.1 200
OK modernizr.min.js Show response
52.64.66.132/wp-content/themes/spatial/js/ 11 KB
5 KB 1515ms
270ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/spatial/js/modernizr.min.js?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "2b4c-53180b877ff00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4511

GET
H/1.1 200
OK bootstrap.min.js Show response
52.64.66.132/wp-content/themes/spatial/js/ 36 KB
10 KB 1609ms
271ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/spatial/js/bootstrap.min.js?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "900a-53180b877ff00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 9773

GET
H/1.1 200
OK jquery.waypoints.min.js Show response
52.64.66.132/wp-content/themes/spatial/js/ 9 KB
3 KB 1621ms
272ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/spatial/js/jquery.waypoints.min.js?ver=3.3.6
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: ac108f232842ce42ad096c3dd90819156e79dfffe99ecdc4c7a80f89ba30a1c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "2287-53180b877ff00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2707

GET
H/1.1 200
OK sticky.min.js Show response
52.64.66.132/wp-content/themes/spatial/js/shortcuts/ 1 KB
946 B 1621ms
270ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/spatial/js/shortcuts/sticky.min.js?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: e0d03795322f25d9d95d750676205ce90d8fdfcb245ab762b9130ba61e981545

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "4e1-53180b877ff00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 584

GET
H/1.1 200
OK readmore.min.js Show response
52.64.66.132/wp-content/themes/spatial/js/ 4 KB
2 KB 1622ms
270ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/spatial/js/readmore.min.js?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: c5602b2e83fb2fd5abdeca2e5d21986046ab1b399eb6a2195708ef329f7a5e7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "fd3-53180b877ff00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1717

GET
H/1.1 200
OK script.js Show response
52.64.66.132/wp-content/themes/spatial/js/ 3 KB
2 KB 1740ms
269ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/spatial/js/script.js?ver=1.0.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 9d6b6fea30b0f68f0f39d25725a1efa8bd79be21b8c36c6f4e3bf9aae58045f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Oct 2019 05:08:48 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "cc5-593fa949d5800-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1208

GET
H/1.1 200
OK third-party.js Show response
52.64.66.132/wp-content/themes/canvas/includes/js/ 4 KB
2 KB 1783ms
269ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/includes/js/third-party.js?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 36ac65354f43479b9ecd2d7a7bdd749962c083d5a5b3366fedd832cd31476762

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 05:45:08 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "1128-531850764a100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1598

GET
H/1.1 200
OK jquery.flexslider.min.js Show response
52.64.66.132/wp-content/themes/canvas/includes/js/ 16 KB
5 KB 1890ms
269ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/includes/js/jquery.flexslider.min.js?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 6e8340e550796c39ef28a317ec8095399bbf5b24f418f01861af924598d0a3eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 05:45:08 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "401d-531850764a100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5110

GET
H/1.1 200
OK general.js Show response
52.64.66.132/wp-content/themes/canvas/includes/js/ 2 KB
1 KB 1890ms
269ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/includes/js/general.js?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 0fc29f186f4d182e930c9fafd0efcf208fe861eb87e42c0d9318981cddbb5028

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 05:45:08 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "8fc-531850764a100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 883

GET
H/1.1 200
OK css
fonts.googleapis.com/ 7 KB
1 KB 24ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Merriweather%3A300%2C%3A300italic%2C%3Aregular%2C%3Aitalic%2C%3A700%2C%3A700italic%2C%3A900%2C%3A900italic%7CSource+Sans+Pro%3A200%2C%3A200italic%2C%3A300%2C%3A300italic%2C%3Aregular%2C%3Aitalic%2C%3A600%2C%3A600italic%2C%3A700%2C%3A700italic%2C%3A900%2C%3A900italic

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15a716f4a74b3ca012f631a07276f4a3a5e055dd950b5265218ba8e298b42882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Thu, 03 Mar 2022 03:33:53 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 03 Mar 2022 03:33:53 GMT

GET
H/1.1 200
OK nwmatcher-1.2.5-min.js Show response
s3.amazonaws.com/nwapi/nwmatcher/ 19 KB
19 KB 214ms
112ms Script
application/x-javascript 52.217.225.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://s3.amazonaws.com/nwapi/nwmatcher/nwmatcher-1.2.5-min.js
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.217.225.120 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 70a73d0e82d5aa2418bbe189542f7b563c284fa57dafecd35c2bd5e7548ce242

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Last-Modified: Tue, 17 Jan 2012 12:17:47 GMT
Server: AmazonS3
x-amz-request-id: QPMNF21A8P8AG91T
ETag: "9dc544da48fbab6a88aa739222fcd42a"
Content-Type: application/x-javascript
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 19000
x-amz-id-2: hyyCECcupjVcqxVTYIB/lfpvpqmbHuq9O2vZHk5u0cCOA+1zcI5SClFP0FuC/HeCElNUNOptr7g=

GET
H/1.1 200
OK shortcodes.css
52.64.66.132/wp-content/themes/canvas/functions/css/ 28 KB
5 KB 1079ms
270ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/functions/css/shortcodes.css
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: a02469f98260ae27494bb54f1519db7cdad053185c7cc9470af9245cff33c7e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 05:45:06 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "70de-5318507461c80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4865

GET
H/1.1 200
OK custom.css
52.64.66.132/wp-content/themes/canvas/ 6 KB
2 KB 1242ms
269ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/custom.css
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 15d090d3fe70263d81d9c491979be73b77bca882155b356f41b0046cbef0cba7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Sep 2016 00:55:36 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "16cb-53bf47cd5d200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1496

GET
H/1.1 200
OK facebook.svg
52.64.66.132/wp-content/themes/spatial/images/social/ 1 KB
2 KB 526ms
269ms Image
image/svg+xml 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/spatial/images/social/facebook.svg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 0d0032e9daffaeccf9f8f91bc5b50e68a157a0ce26131d66569753efbe25af87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "5be-53180b877ff00"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1470

GET
H/1.1 200
OK linkedin.svg
52.64.66.132/wp-content/themes/spatial/images/social/ 2 KB
3 KB 520ms
270ms Image
image/svg+xml 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/spatial/images/social/linkedin.svg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: a02efbfef7340d1cd808b598166a53e8d82c492c81ef030ad0766efa5a7424c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "92f-53180b877ff00"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2351

GET
H/1.1 200
OK ico-search.png
52.64.66.132/wp-content/themes/canvas/images/ 366 B
663 B 526ms
268ms Image
image/png 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/canvas/images/ico-search.png
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 56390f0d43e4e647f5e912867ffce3db8f51c4c49b07fa3b14ed5bd9c0df4eb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Last-Modified: Thu, 28 Apr 2016 05:45:06 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "16e-5318507461c80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 366

GET
H2 200 logo-footer.png
spatialsource.com.au/wp-content/themes/spatial/images/social/ 9 KB
10 KB 1163ms
973ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spatialsource.com.au/wp-content/themes/spatial/images/social/logo-footer.png

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af82ae972fd005cfb3fc6b58f8c7b58bdcb10fba9d6d4eedb54a72b4318ec798

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:56 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9240
last-modified: Thu, 28 Apr 2016 00:36:44 GMT
server: cloudflare
etag: "2418-53180b877ff00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=te62gx6aCJzl%2BlTAfPgPGx47Px9yYYPvcZFU36ycMUWkFjHYooBH7QfjeoGVglQfd12vSiT%2FbyISUcorLxxdpuqZs3F90Fv%2BUwvfWAzsW3PSUBsurC3FWqh42Ggn7rtBg4f%2BsUAbLTnhO5%2BMJEtcWRIPiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6e5f5040ba24839d-MXP

GET position_cover.jpg
secure.intermedia.com.au/images/mags/ 0
0

GET
H/1.1 200
OK clock.svg
52.64.66.132/wp-content/themes/spatial/images/ 2 KB
2 KB 499ms
268ms Image
image/svg+xml 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/spatial/images/clock.svg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 9bc1bd6d547a9e18f479347294d739b0280d672c54bf580cde0ff02cb1e491df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "7c3-53180b877ff00"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1987

GET
H/1.1 200
OK location.png
52.64.66.132/wp-content/themes/spatial/images/ 307 B
604 B 271ms
270ms Image
image/png 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/spatial/images/location.png
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 713c712e418fbf59710b19e918c86dfa324e2f44366f093f28aadd9174a70cb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "133-53180b877ff00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 307

GET
H/1.1 200
OK logo-footer.png
52.64.66.132/wp-content/themes/spatial/images/social/ 9 KB
9 KB 271ms
269ms Image
image/png 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/spatial/images/social/logo-footer.png
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: af82ae972fd005cfb3fc6b58f8c7b58bdcb10fba9d6d4eedb54a72b4318ec798

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Last-Modified: Thu, 28 Apr 2016 00:36:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "2418-53180b877ff00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 9240

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

33ms
11ms

Script
application/javascript

104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 03 Mar 2022 03:33:55 GMT
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H/1.1 200
OK woothemes.png
52.64.66.132/wp-content/themes/canvas/images/ 2 KB
3 KB 269ms
268ms Image
image/png 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/themes/canvas/images/woothemes.png
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 09e4811e5651b57616d379f099d2b11d1947ca1adda5a5d962d6e1dd2878fc29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Last-Modified: Thu, 28 Apr 2016 05:45:06 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "967-5318507461c80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 2407

GET
H/1.1 200
OK formreset.min.css
52.64.66.132/wp-content/plugins/gravityforms/legacy/css/ 4 KB
750 B 269ms
268ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.5.9
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "f14-5c9e1b8837200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 402

GET
H/1.1 200
OK formsmain.min.css
52.64.66.132/wp-content/plugins/gravityforms/legacy/css/ 78 KB
12 KB 271ms
270ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.5.9
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 57105f0d09b065648031b4127971f8e91e9d8c40e8a25362c36adcc2ca6000d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "139e5-5c9e1b8837200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 12277

GET
H/1.1 200
OK readyclass.min.css
52.64.66.132/wp-content/plugins/gravityforms/legacy/css/ 30 KB
4 KB 271ms
269ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.5.9
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 7536f0df059eb4232aeb10fa05bd89b6da621240062499542da570d39fb833ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "781d-5c9e1b8837200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3451

GET
H/1.1 200
OK browsers.min.css
52.64.66.132/wp-content/plugins/gravityforms/legacy/css/ 8 KB
1 KB 272ms
269ms Stylesheet
text/css 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.5.9
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "20d7-5c9e1b8837200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1173

GET
H2 200 8838799.js Show response
js.hs-scripts.com/ 964 B
891 B 235ms
178ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/8838799.js?integration=WordPress
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45cafee5bc5f7f3fd827ef6cf8aceca1366ba0362bcad036a5923ce0885cfe7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: f39264ce-8bdf-4f28-89cc-39ff2eedb90f
last-modified: Wed, 02 Mar 2022 23:54:26 GMT
server: cloudflare
x-trace: 2B295B1A29216D0ADF3995C9CFB742B9C70033151C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: http://52.64.66.132
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6e5f503fe9ab0f66-MXP
expires: Thu, 03 Mar 2022 03:34:55 GMT

GET
H/1.1 200
OK feedback.js Show response
52.64.66.132/wp-content/themes/canvas/includes/js/ 2 KB
846 B 273ms
269ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/themes/canvas/includes/js/feedback.js?ver=5.0.7
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 2205a2bfd1c02581de2e764c8b5a918767fec2624e4956b62934c60f43561400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Apr 2016 05:45:08 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "62a-531850764a100-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 484

GET
H/1.1 200
OK wp-embed.min.js Show response
52.64.66.132/wp-includes/js/ 1 KB
1 KB 273ms
270ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "592-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 765

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 87ms
27ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:55 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 743
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6e5f504029743762-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 06 Mar 2022 03:33:55 GMT

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
52.64.66.132/wp-includes/js/dist/vendor/ 6 KB
3 KB 978ms
270ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "1906-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2398

GET
H/1.1 200
OK wp-polyfill.min.js Show response
52.64.66.132/wp-includes/js/dist/vendor/ 16 KB
6 KB 271ms
270ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "4056-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 6031

GET
H/1.1 200
OK dom-ready.min.js Show response
52.64.66.132/wp-includes/js/dist/ 1 KB
966 B 270ms
270ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/dist/dom-ready.min.js?ver=71883072590656bf22c74c7b887df3dd
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "4e9-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 604

GET
H/1.1 200
OK hooks.min.js Show response
52.64.66.132/wp-includes/js/dist/ 5 KB
2 KB 269ms
269ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "1540-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 1790

GET
H/1.1 200
OK i18n.min.js Show response
52.64.66.132/wp-includes/js/dist/ 10 KB
4 KB 269ms
269ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "268a-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 3858

GET
H/1.1 200
OK a11y.min.js Show response
52.64.66.132/wp-includes/js/dist/ 3 KB
1 KB 270ms
269ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/dist/a11y.min.js?ver=0ac8327cc1c40dcfdf29716affd7ac63
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "bc1-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 1156

GET
H/1.1 200
OK jquery.json.min.js Show response
52.64.66.132/wp-content/plugins/gravityforms/js/ 2 KB
1 KB 269ms
268ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.5.9
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "738-5c9e1b8837200-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 926

GET
H/1.1 200
OK gravityforms.min.js Show response
52.64.66.132/wp-content/plugins/gravityforms/js/ 43 KB
13 KB 270ms
270ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.5.9
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: fec6316e6e45e87432cfa9e4ba33f024e8f33d3de07586aa3d1853d9873824fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "aba9-5c9e1b8837200-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 13137

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
969 B 46ms
16ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&ver=5.8.3

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4e906ebceebe6dfb08328791886fbac4df43143e7655cb17fa2cd1752b1d3966

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Thu, 03 Mar 2022 03:33:55 GMT

GET
H/1.1 200
OK placeholders.jquery.min.js Show response
52.64.66.132/wp-content/plugins/gravityforms/js/ 5 KB
2 KB 269ms
269ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.5.9
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Aug 2021 04:09:44 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "121f-5c9e1b8837200-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 1750

GET
H2 200 e-202209.js Show response
stats.wp.com/ 9 KB
3 KB 21ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202209.js
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 03 Mar 2022 03:33:55 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 19 Feb 2023 22:10:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 37ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,600,700,900

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/wp-content/themes/spatial/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

993184b823c59ac0eac1f308adb51a9337265ce81a88504af70c8aef388ac8bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 03:33:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Mar 2022 03:33:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Mar 2022 03:33:54 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
52.64.66.132/wp-includes/js/ 18 KB
5 KB 270ms
269ms Script
application/javascript 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://52.64.66.132/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 15:16:03 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "4705-5c9aeadec72c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 4930

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 25ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3bfe3fb1ecd5265659a05e22af5b9ed83106bf712a9893ebc6d0ab6e5e4c23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1148 / 356 of 1000 / last-modified: 1646262386"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 27974
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Thu, 03 Mar 2022 03:33:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 7142
date: Thu, 03 Mar 2022 01:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 03 Mar 2022 03:34:53 GMT

GET
H/1.1 200
OK uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 23ms
6ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://static.ads-twitter.com/uwt.js
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:55 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Feb 2022 00:44:37 GMT
Etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
Vary: Accept-Encoding,Host
x-tw-cdn: FT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
X-Cache: HIT, HIT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 5410
X-Served-By: cache-iad-kiad7000096-IAD, cache-hhn11547-HHN

GET
H2

404

gtm.js
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-TD47HF
https://www.googletagmanager.com/gtm.js?id=GTM-TD47HF

0
0

48ms
26ms

Script
text/html

2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD47HF
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: H2
Server: 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-TD47HF
Date: Thu, 03 Mar 2022 03:33:55 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26291
x-xss-protection: 0
pragma: public
x-fb-debug: VpMjupshWxjpe40cscEeUHAQzisxImfg3rKJb8lmuQTfy0L7ZBxAsXEVYf0roojqeLZBh8j/j3j+yWGLWXb2Zg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 03 Mar 2022 03:33:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v28/ 20 KB
20 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Merriweather%3A300%2C%3A300italic%2C%3Aregular%2C%3Aitalic%2C%3A700%2C%3A700italic%2C%3A900%2C%3A900italic%7CSource+Sans+Pro%3A200%2C%3A200italic%2C%3A300%2C%3A300italic%2C%3Aregular%2C%3Aitalic%2C%3A600%2C%3A600italic%2C%3A700%2C%3A700italic%2C%3A900%2C%3A900italic

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://52.64.66.132
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 06:47:45 GMT
X-Content-Type-Options: nosniff
Age: 593170
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 20028
X-XSS-Protection: 0
Last-Modified: Wed, 15 Dec 2021 02:22:44 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Fri, 24 Feb 2023 06:47:45 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ 13 KB
13 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://52.64.66.132
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 18:04:09 GMT
x-content-type-options: nosniff
age: 34186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Mar 2023 18:04:09 GMT

GET
H/1.1 200
OK 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ 13 KB
13 KB 12ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://52.64.66.132
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 02 Mar 2022 18:20:05 GMT
X-Content-Type-Options: nosniff
Age: 33230
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 13036
X-XSS-Protection: 0
Last-Modified: Wed, 23 Feb 2022 17:39:39 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 02 Mar 2023 18:20:05 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ 13 KB
13 KB 24ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://52.64.66.132
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 18:04:09 GMT
x-content-type-options: nosniff
age: 34186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:39:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Mar 2023 18:04:09 GMT

GET
H/1.1 200
OK u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
20 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://52.64.66.132
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 14:23:20 GMT
X-Content-Type-Options: nosniff
Age: 565835
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 19752
X-XSS-Protection: 0
Last-Modified: Wed, 15 Dec 2021 02:23:11 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Fri, 24 Feb 2023 14:23:20 GMT

GET
H/1.1 200
OK Winners_web-625x345.jpg
52.64.66.132/wp-content/uploads/2022/03/ 94 KB
94 KB 436ms
270ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/03/Winners_web-625x345.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: c34e6481f3090ea7e1e027dfa872a26a4d3092f83d6bfa77fa938ad2b95b2cdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Last-Modified: Wed, 02 Mar 2022 05:25:05 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "176f4-5d935810b4e6e"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 95988

GET
H/1.1 200
OK Eos-Bridge-Feature-Image-01-175x140.jpg
52.64.66.132/wp-content/uploads/2022/02/ 15 KB
16 KB 977ms
271ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/Eos-Bridge-Feature-Image-01-175x140.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 88f3468f28f8e083401ffd9987fa9ab1b895f5833a68fcb947766e614f0846bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Last-Modified: Tue, 01 Feb 2022 21:52:49 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "3d2c-5d6fbec0eff4b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 15660

GET
H/1.1 200
OK PIC1_HERO-IMAGE_Port-of-San-Fran-Cover_web-175x140.jpg
52.64.66.132/wp-content/uploads/2022/02/ 6 KB
6 KB 705ms
268ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/PIC1_HERO-IMAGE_Port-of-San-Fran-Cover_web-175x140.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 6d04ac669715cb372b2713f29164a79884cd89f884cf70a309fcf43270aeb1c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Last-Modified: Mon, 31 Jan 2022 21:07:55 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "1793-5d6e72da36b1b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 6035

GET
H/1.1 200
OK Front-image-175x140.jpg
52.64.66.132/wp-content/uploads/2021/10/ 9 KB
9 KB 977ms
272ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2021/10/Front-image-175x140.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 9eece2a2b1198f6a3eee980b1599f892271511cbc48115bc551bd3a0a76af1ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Last-Modified: Tue, 19 Oct 2021 00:00:36 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "233d-5cea959df20a7"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 9021

GET
H/1.1 200
OK Airport-infrastructure-image_web-175x140.jpg
52.64.66.132/wp-content/uploads/2022/02/ 8 KB
8 KB 705ms
269ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/Airport-infrastructure-image_web-175x140.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: b1167acda910481187c3e4493572f5fb91ca19452d57b8e14b43d4829783e430

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Last-Modified: Mon, 31 Jan 2022 20:49:23 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "1e5e-5d6e6eb5daea9"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 7774

GET
H/1.1 200
OK Winners_web-476x335.jpg
52.64.66.132/wp-content/uploads/2022/03/ 72 KB
72 KB 437ms
271ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/03/Winners_web-476x335.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: b168e86b5ff646c5d056f8909b07c5d654ddbe436cf06fe21ad40dac20473025

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Last-Modified: Wed, 02 Mar 2022 05:25:04 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "12055-5d935810998ee"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 73813

GET
H/1.1 200
OK PukaPuka_web-487x335.jpg
52.64.66.132/wp-content/uploads/2022/03/ 59 KB
59 KB 696ms
269ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/03/PukaPuka_web-487x335.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 59c9973e3e248bbca0f653164af93ccc334d8ffbf8bf34dec9e00e6557c2a318

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Last-Modified: Wed, 02 Mar 2022 05:18:48 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "ec8c-5d9356a92ca8e"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 60556

GET
H/1.1 200
OK AdobeStock_162458830_web-487x335.jpg
52.64.66.132/wp-content/uploads/2022/03/ 18 KB
19 KB 704ms
268ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/03/AdobeStock_162458830_web-487x335.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: f18e573334b605cc44d6fe9bd879a494be96d96e7dfdd649e7910fe87a610fac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Last-Modified: Tue, 01 Mar 2022 23:13:28 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "49f1-5d930500dc8a4"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 18929

GET
H/1.1 200
OK kdmm5j2n7u Show response
fast.wistia.net/embed/iframe/ Frame 4E32 6 KB
3 KB 165ms
132ms Document
text/html 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.net/embed/iframe/kdmm5j2n7u?videoFoam=true

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

HTTP/1.1

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a39a0534a9b9801289f9ccf6834adcc424b6d4f74fe67731ff9ac1b2727e2e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/

Response headers

Access-Control-Allow-Origin: *
Cache-Control: public, no-cache
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
ETag: W/"a39a0534a9b9801289f9ccf6834adcc4"
P3P: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
Referrer-Policy: strict-origin-when-cross-origin
Timing-Allow-Origin: *
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: d373f4fd0e6b798d26c70f6c44af9001
X-Runtime: 0.068495
Content-Length: 2479
Accept-Ranges: bytes
Date: Thu, 03 Mar 2022 03:33:55 GMT
Age: 72954
Connection: keep-alive
X-Served-By: cache-iad-kjyo7100163-IAD, cache-mxp6929-MXP
X-Cache: HIT, MISS
X-Cache-Hits: 1, 0
X-Timer: S1646278436.871550,VS0,VE107
Vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: chrome
X-Browser-Version: 99

GET
H/1.1 200
OK AdobeStock_278697081_web-503x335.jpg
52.64.66.132/wp-content/uploads/2022/03/ 55 KB
55 KB 952ms
271ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/03/AdobeStock_278697081_web-503x335.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 130eaf99bd2cd686ff519ab908b22b9800044fc5fb3b76cb4a696569be46ea52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Last-Modified: Tue, 01 Mar 2022 04:32:19 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "db35-5d920a67f3059"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 56117

GET
H/1.1 200
OK australia_vir_2019044_web-485x335.jpg
52.64.66.132/wp-content/uploads/2022/03/ 61 KB
61 KB 952ms
272ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/03/australia_vir_2019044_web-485x335.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 871ce5ea68d19bfbbaf907d20ccd4a6ea7886ea2ce21e13ec2e0e2ca21475668

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Last-Modified: Tue, 01 Mar 2022 03:09:52 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "f491-5d91f7fa0ef2b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 62609

GET
H/1.1 200
OK AdobeStock_10083627_web-505x335.jpg
52.64.66.132/wp-content/uploads/2021/10/ 36 KB
36 KB 270ms
269ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2021/10/AdobeStock_10083627_web-505x335.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 48bcd9618cf6b9f31fc4d5a30c7899c702a5fc495bd5ecdbdec56ed1b0fac6a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Last-Modified: Sun, 24 Oct 2021 23:22:24 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "8e53-5cf218459ee5f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 36435

GET
H/1.1 200
OK Paul-Scully-Power-Australias-First-Astronaut-3_web-503x335.jpg
52.64.66.132/wp-content/uploads/2022/02/ 40 KB
40 KB 271ms
271ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/Paul-Scully-Power-Australias-First-Astronaut-3_web-503x335.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: a7df7e20c12498cbd8bfb050068ffb7f70a2c430997501b5b80eb688c84b63e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Last-Modified: Mon, 28 Feb 2022 03:52:19 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "9f80-5d90bf99aef5a"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 40832

GET
H/1.1 200
OK PIC1_HERO-IMAGE_Port-of-San-Fran-Cover_web-625x345.jpg
52.64.66.132/wp-content/uploads/2022/02/ 55 KB
55 KB 269ms
268ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/PIC1_HERO-IMAGE_Port-of-San-Fran-Cover_web-625x345.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: a09f977ac2bb71a7b6588853a983c9e7bf8c79f32979ad45763b41b4f84638cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Last-Modified: Mon, 31 Jan 2022 21:07:55 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "dc51-5d6e72da4d27c"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 56401

GET
H/1.1 200
OK NZ_APSEA_web.jpg
52.64.66.132/wp-content/uploads/2022/02/ 203 KB
204 KB 269ms
268ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/NZ_APSEA_web.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 72c7c136c4f241536c6eb24d450dc3ad86b55c1d12be67e44546e32181d8910d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Last-Modified: Tue, 15 Feb 2022 00:29:01 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "32d14-5d8039ea27b17"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 208148

GET
H/1.1 200
OK Rutkowski059_web1-625x345.jpg
52.64.66.132/wp-content/uploads/2022/02/ 52 KB
52 KB 271ms
270ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/Rutkowski059_web1-625x345.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: e96610e27e9f3cca9818d01d9f48ce2e62ad6b0c53b6fbb77b387475db96ea8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Last-Modified: Sun, 06 Feb 2022 23:02:38 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "d077-5d7617aff22fd"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 53367

GET
H/1.1 200
OK AdobeStock_304035357_web-625x345.jpg
52.64.66.132/wp-content/uploads/2022/02/ 42 KB
43 KB 280ms
280ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/AdobeStock_304035357_web-625x345.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: 3944114f9b153d0184dec74f3badca12ecd3b259be3e79b961ffa1f86f520420

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Last-Modified: Wed, 23 Feb 2022 00:06:40 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "a949-5d8a43d7374be"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 43337

GET
H/1.1 200
OK AdobeStock_416872788_web-623x345.jpg
52.64.66.132/wp-content/uploads/2021/08/ 66 KB
66 KB 280ms
280ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2021/08/AdobeStock_416872788_web-623x345.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: a85a8c6eb0e62a088ee8a2c3022a6c9473636b9fe8d6d4e784494a92528658e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Last-Modified: Wed, 04 Aug 2021 01:20:56 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "10839-5c8b19d37ce00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 67641

GET
H/1.1 200
OK desktop-gdv-screens_web1-624x345.jpg
52.64.66.132/wp-content/uploads/2022/02/ 35 KB
35 KB 270ms
270ms Image
image/jpeg 52.64.66.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://52.64.66.132/wp-content/uploads/2022/02/desktop-gdv-screens_web1-624x345.jpg
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 52.64.66.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.48 (Unix) OpenSSL/1.1.1d /
Resource Hash: ae45572cc4a665378e3632602bad350a8c972de66e60ad6cca7378ab4ab1b41a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Last-Modified: Thu, 03 Feb 2022 22:52:22 GMT
Server: Apache/2.4.48 (Unix) OpenSSL/1.1.1d
ETag: "8bb2-5d724fcbd7c97"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 35762

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 87ms
17ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:55 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=40163
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2

200

plugin.js Show response
plugin.mediavoice.com/
Redirect Chain

http://plugin.mediavoice.com/plugin.js
https://plugin.mediavoice.com/plugin.js

367 KB
137 KB

109ms
51ms

Script
application/javascript

2606:4700::6813:d983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.mediavoice.com/plugin.js
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: H2
Server: 2606:4700::6813:d983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79976aaa95264ee9d558115794253d31d5b0039a0b6c6214f27188f69af0fbd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:56 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38214
content-type: application/javascript
content-length: 139683
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Thu, 24 Feb 2022 16:49:25 GMT
server: cloudflare
etag: W/"6217b715-5bd46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-varnish: 2245535872 2245330666
via: 1.1 varnish
cache-control: max-age=43200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6e5f50418b7e3756-MXP
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 02 Mar 2022 17:36:15 GMT

Redirect headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://plugin.mediavoice.com/plugin.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6e5f5040fea0599b-MXP
Expires: Thu, 03 Mar 2022 04:33:56 GMT

GET
H2

200

all.js Show response
connect.facebook.net/en_GB/
Redirect Chain

http://connect.facebook.net/en_GB/all.js
https://connect.facebook.net/en_GB/all.js

3 KB
2 KB

7ms
7ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

06430bb701134867a9eb41cb3edef73fa1905d85ff949abaa875131f8f64370e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: XhAz38p6TOmraXKwPkBGMQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 03 Mar 2022 03:40:30 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: NFvpnsrzRpWvUhYolLpYAKX5N+bEnmfc+x+fpjx1+7lhUYDLut+GNyHASfxjIlConz2DOh199Q5Rz3Gu6c6Z9g==
x-fb-trip-id: 917726464
x-fb-content-md5: 1c6809d5ba48a00987ed0b5856e23e17
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 03 Mar 2022 03:33:56 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "f8f6a1206d9b4fe145e34f6c2b9cf3df"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/en_GB/all.js#xfbml=1
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 plusone.js Show response
apis.google.com/js/ 53 KB
21 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918949f9d5713f7b8184718f52e8d1d8793bfc04d794cf5f1efd18636ca08420

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Thu, 03 Mar 2022 03:33:56 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9cf7be837b9a860e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Mar 2022 03:33:56 GMT

GET
H2 200 pubads_impl_2022022801.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
122 KB 29ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

1df7a24523290093157df22484dc0881a2bcf2d5f4dc38e5f4d9cbce0684be97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 20:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124783
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 09:34:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Mar 2023 20:25:05 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 34 B
684 B 36ms
16ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=52.64.66.132

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

42164310418466277278b10facfb6907ad7cf8b5cbce814f4893a3934bfdf459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Mar 2022 03:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48
x-xss-protection: 0
expires: Thu, 03 Mar 2022 03:33:56 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 15ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1834934621&t=pageview&_s=1&dl=http%3A%2F%2F52.64.66.132%2F&ul=en-us&de=UTF-8&dt=Spatial%20Source%20%7C%20news%20on%20mapping%2C%20geospatial%2C%20surveying%20%26%20geo-data&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1859028389&gjid=1459153322&cid=327237310.1646278436&tid=UA-944137-41&_gid=1343164723.1646278436&_r=1&_slc=1&z=1569693031

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://52.64.66.132/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://52.64.66.132
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

adsct
t.co/i/
Redirect Chain

http://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=74c...
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=74...

43 B
336 B

137ms
123ms

Image
image/gif

104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=74cd11d5-fcbb-48ce-94e6-1cb3b1651b26&tw_document_href=http%3A%2F%2F52.64.66.132%2F

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 115
date: Thu, 03 Mar 2022 03:33:56 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 4bf3fff7f77d9d0cce4283910eb2d9d787d91829e240ed85cc19914229c17e2a
content-length: 43

Redirect headers

location: https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=74cd11d5-fcbb-48ce-94e6-1cb3b1651b26&tw_document_href=http%3A%2F%2F52.64.66.132%2F
x-response-time: 100
date: Thu, 03 Mar 2022 03:33:55 GMT
cache-control: no-cache, no-store, max-age=0
server: tsa_o
x-connection-hash: e22b484db6776a0fd710b5c2bf5f76312fd51bcef1f777836549ae2c35eefe60
content-length: 0

GET
H2 200 1254366301255276 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1254366301255276?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9aed62523e942ff01300e2331f6b0ce030698f5a13ed3c453d89c59b2d31f9a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89115
x-xss-protection: 0
pragma: public
x-fb-debug: uEHoO2USsfP2hWRftqVIn46UKPeR6Q9P0AbTXphYu1sEfTWQeqRErrxhqx7SZvjKxKO8wJRz8WZup/zBAA8K8g==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 03 Mar 2022 03:33:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insideIframe.js Show response
fast.wistia.net/assets/external/ Frame 4E32 47 KB
15 KB 28ms
26ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.net/assets/external/insideIframe.js

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/embed/iframe/kdmm5j2n7u?videoFoam=true

Protocol

HTTP/1.1

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

df981a01695742a1661653eedb6ee05ef84c79ada6eb8a4bedbbc6a981e25005

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/embed/iframe/kdmm5j2n7u?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Content-Encoding: gzip
Age: 942
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 14284
X-Served-By: cache-iad-kiad7000169-IAD, cache-mxp6929-MXP
Access-Control-Allow-Origin: *
X-Browser-Version: 99
Last-Modified: Tue, 01 Mar 2022 14:56:36 GMT
X-Timer: S1646278436.018593,VS0,VE1
ETag: "621e3424-37cc"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=3600
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK E-v1.js Show response
fast.wistia.net/assets/external/ Frame 4E32 592 KB
142 KB 31ms
15ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/embed/iframe/kdmm5j2n7u?videoFoam=true

Protocol

HTTP/1.1

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c6e4dd10637ea492491405e1a773e38ae8f15c21d6c5d004715f367c39e2322a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/embed/iframe/kdmm5j2n7u?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Content-Encoding: gzip
Age: 943
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 145256
X-Served-By: cache-iad-kjyo7100101-IAD, cache-mxp6928-MXP
Access-Control-Allow-Origin: *
X-Browser-Version: 99
Last-Modified: Tue, 01 Mar 2022 14:56:36 GMT
X-Timer: S1646278436.033715,VS0,VE0
ETag: "621e3424-23768"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=3600
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 2, 883

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 64ms
21ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-944137-41&cid=327237310.1646278436&jid=1859028389&gjid=1459153322&_gid=1343164723.1646278436&_u=IEBAAEAAAAAAAC~&z=921065501

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://52.64.66.132/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 03 Mar 2022 03:33:56 GMT
content-type: text/plain
access-control-allow-origin: http://52.64.66.132
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 swatch
fast.wistia.net/embed/medias/kdmm5j2n7u/ Frame 4E32 4 KB
4 KB 161ms
118ms Image
image/jpeg 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/kdmm5j2n7u/swatch

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/embed/iframe/kdmm5j2n7u?videoFoam=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c8bb0be9d12c1540f55eb74341fd4ba16db3bb4f03787e36cca877ceddae926

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:56 GMT
access-control-request-method: *
age: 58762
x-cache: HIT, MISS
content-disposition: inline
content-length: 3987
x-served-by: cache-iad-kiad7000080-IAD, cache-mxp6955-MXP
access-control-allow-origin: *, *
x-browser-version: 99
last-modified: Mon, 21 Feb 2022 05:54:14 UTC
x-timer: S1646278436.061159,VS0,VE100
strict-transport-security: max-age=0
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: public, no-cache, max-age=31535945
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H3 200 all.js Show response
connect.facebook.net/en_GB/ 290 KB
83 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=eb81c1c4bca2b9d87948a2cc194027c8

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_GB/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c377ef64ffd29d200b415fcab1ff4922473c4c47daa792f4f91eae1b559135ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://52.64.66.132/
Origin: http://52.64.66.132
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: JhSSe8ULSd+ij67aotm/3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 84490
x-fb-rlafr: 0
x-fb-debug: sJy8pfnwRetaYJUN/+Yy9oRFTGNDK9BOzasRQxdG06sWb8k3ajP7PmfRouEHfWPPLkjgqIjkhCtRfzC+R9qRxA==
x-fb-content-md5: 5a086d69506d92bd4f644b804beb3613
x-frame-options: DENY
date: Thu, 03 Mar 2022 03:33:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "9a8b71202332ff2b581ed789a312e868"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 03 Mar 2023 02:11:50 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 22ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1254366301255276&ev=PageView&dl=http%3A%2F%2F52.64.66.132%2F&rl=&if=false&ts=1646278436037&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.3.1646278436036.1974199043&it=1646278436001&coo=false&rqm=GET

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 03 Mar 2022 03:33:56 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 22ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1254366301255276&ev=spatialsource&dl=http%3A%2F%2F52.64.66.132%2F&rl=&if=false&ts=1646278436039&sw=1600&sh=1200&v=2.9.55&r=stable&ec=1&o=30&fbp=fb.3.1646278436036.1974199043&it=1646278436001&coo=false&rqm=GET

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 03 Mar 2022 03:33:56 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ 60 KB
23 KB 22ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f38d4330ffe732e30c4ae42b80768d734578282aaae7f6818783e234c6fcbabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 729
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23157
x-xss-protection: 0
server: cafe
etag: 4826357405056662325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Mar 2022 04:21:47 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 47ms
23ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=52.64.66.132

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Mar 2022 03:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 45ms
22ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=52.64.66.132

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Mar 2022 03:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 182 KB
22 KB 76ms
75ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1614525851709563&correlator=2544317732942865&eid=31064836%2C31064927%2C31064962%2C31065442%2C21068766%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=2022022801&ptt=17&impl=fifs&sfv=1-0-38&ecs=20220303&iu_parts=58625620%2CSS_LB%2CSS_MREC1%2CSS_MREC2%2Css_skin%2Css_roadblock%2Css_strip&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=970x250%2C300x250%2C300x250%2C1920x1200%2C300x250%2C600x44%7C600x45&cust_params=ip%3D217.64.151.32%26url%3DHome%26post_type%3Dpage&sc=0&cookie_enabled=1&abxe=1&dt=1646278436098&lmt=1646278436&dlt=1646278433838&idt=2220&biw=1600&bih=1200&oid=2&adxs=300%2C648%2C648%2C-160%2C-9%2C315&adys=144%2C663%2C1360%2C76%2C-9%2C540&ucis=1%7C2%7C3%7C4%7C5%7C6&adks=1727162820%2C549555199%2C3182220592%2C1869964590%2C2287901567%2C2790927923&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&bc=23&url=http%3A%2F%2F52.64.66.132%2F&rumc=1614525851709563&rume=1&frm=20&vis=1&scr_x=0&scr_y=0&psz=1000x0%7C303x12%7C303x12%7C1920x-1%7C0x-1%7C970x1976&msz=1000x0%7C303x0%7C303x0%7C1920x-1%7C0x-1%7C600x-1&ga_vid=327237310.1646278436&ga_sid=1646278436&ga_hid=1834934621&ga_fc=true&fws=0%2C0%2C0%2C512%2C2%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C0%7C-1%7C0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a233bef5e60a7a0412d72121709728b61f93417dcbf5ca90a646a6c07a7b6d9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22696
x-xss-protection: 0
google-lineitem-id: 5866044665,5732830981,5909618316,5935342019,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379295304,138354801668,138380103131,138382673546,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://52.64.66.132
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
16a4ca9b513ff1fdd6601bca6b2a9898.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FD2E 6 KB
4 KB 80ms
15ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://16a4ca9b513ff1fdd6601bca6b2a9898.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 03 Mar 2022 03:33:56 GMT
expires: Fri, 03 Mar 2023 03:33:56 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 36ms
19ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-944137-41&cid=327237310.1646278436&jid=1859028389&_u=IEBAAEAAAAAAAC~&z=1149461321

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 43ms
17ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-944137-41&cid=327237310.1646278436&jid=1859028389&_u=IEBAAEAAAAAAAC~&z=1149461321

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8838799.js Show response
js.hs-analytics.net/analytics/1646278200000/ 73 KB
21 KB 276ms
197ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1646278200000/8838799.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8838799.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea889ab294c97ce36eef4afb0740fed9be8178898132702e2e74dddf83228b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:56 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: YS37PJ8C3PPN3YES
x-amz-server-side-encryption: AES256
cf-ray: 6e5f50426bdc83b8-MXP
x-amz-id-2: ZdvXyFs2vmZDZBnjc8vq7BBUzxpM1eC63lR2aOXP6hZpiux+v5wx5M2XHNQsKRsW/Bboi8nO5qs=
last-modified: Sun, 27 Feb 2022 22:16:28 GMT
server: cloudflare
etag: W/"237664009337a65be37d9fc6c3e13781"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Thu, 03 Mar 2022 03:38:56 GMT

GET
H2 200 8838799.js Show response
js.hs-banner.com/ 62 KB
16 KB 499ms
458ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/8838799.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8838799.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5171bda285ef7cdcf0d8044844108116207535ed7d748532f379795161734fda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:56 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: CYD3DRWS8KPVKY9J
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: /leyLDiHMO9ydVcXKyywzEJcWRt7k2H7FOlQhAVALdRUErhVbdm+Wl92uvrR+x5F5DYav6/b8wU=
timing-allow-origin: *
last-modified: Wed, 23 Feb 2022 05:46:42 GMT
server: cloudflare
etag: W/"7a95b00011b03e981b50105f0cd8c7c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 7VDxEuVsDaSHHREsE2kvKY0Qh6GBspMb
access-control-allow-origin: https://www.sprinter.com.au
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6e5f50422eee0f6e-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Thu, 03 Mar 2022 03:38:56 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 64ms
40ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:56 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 756
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6e5f5042081be8ff-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 06 Mar 2022 03:33:56 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ 149 KB
51 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a28a8b74846e74e9f79c608e4bbdc4adaab1f0d1173587bb94bc766702b5471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 11:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52401
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 22:59:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 11:24:56 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
327 B 49ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~l0afob3j&c=1614525851709563&e=31064836%2C31064927%2C31064962%2C31065442%2C21068766%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsYlhcgOioECAESAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4252 0
0 49ms
48ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM-xrlA3Pgn2C0TOSKp1OMfdaEyWGYCPCNcsVIdDMA6Q9A8VCmR_uijOQqJiGaZamBEwKppHeo8-5xsCW1wCldfVQ2grCxVV30ROcA4FJEGZaFktbnd7oIlANtXwU2nSSPOdhG4skokiC8yKK9tOnwPdpnAyH2g7JZ6xBh4U4cFxolNt0ixgR8RABmZl2X95CA_a73sb1XkzWk0x7ehOf7WIWPGGSyc24-UCIS0CNPkCJ0Tt4NBmt3mVBb26_r5gcqSU_G_4XVo7CTY9JPRiK4E8n38H1tQZFVMMryXJI&sai=AMfl-YR24M77M83YLI3dX7e-5c-oXF7e8k0aZ5Nv4ROawlLs7fy0Ix4YmAS9jTGOeRmXMJbfVd1TjzBr06NzMVOqrJSszrt5jZDct0Nbo_cQpIJebku2GZiEu-S-uOWc_2HW&sig=Cg0ArKJSzHt4e1rn3k-9EAE&uach_m=[UACH]&adurl=

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Mar 2022 03:33:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 03 Mar 2022 03:33:56 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/ Frame 4252 19 KB
8 KB 49ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 03:28:45 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame 4252 2 KB
1 KB 55ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 03:03:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4252 124 KB
39 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Mar 2022 03:33:56 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame 4252 0
0 21ms
15ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaQcN0Lzm7HSeycQSCsWF-U0nGTLpX3S6hhDFxJhgLCHzqIZkKZPhH3EWl_cuISpDWYxA1YD5PipC6wFgrpR4P6YJr2o4Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Protocol: HTTP/1.1
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 4973056718578566429
tpc.googlesyndication.com/simgad/ Frame 4252 115 KB
115 KB 62ms
23ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4973056718578566429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efaf98ce574d277d388cd1033f81152520fbb85fd4a9ab76740855179f8c6f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 10:23:24 GMT
x-content-type-options: nosniff
age: 148232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117282
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 22:00:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Mar 2023 10:23:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A634 0
0 46ms
46ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZAdoHGB8Lncel628GO4150oj9GjVEkmpQSmeQpWdfK1Ff0f5a4G7B0eYpMBJ7yNUCEIvebVZgedW1j968bYvdPMpAIfUKPif0yTQk1qWclLrUIIwwzyosyIDZvHJKdy7WnLWZ71t9DLxMrU79arsJeD7059-bRurXyBGlI3PsUU4gS94jHIdfjux2W2VhoPN0EgIfSxmeGvTMvrJ78AEk3fX5PJbwdgNEk94L_JpeFE_1Dj2bAP9hNYp6OfvWSCBLGrocGVrfZSyzIzTiSrVOz3-3geK3UAkuGcQeV1gb470&sai=AMfl-YT7VRiu0raCHyPGW_8y9Cd6_vMVFW2lg8gr-qn9GEh-TJ2Id2YehlQJSrRJxX-eyJfZy6j6pzp2Hy1DjbJqtYUqUrG-QXVO3nDNpZWSk4q8AYvX3Uhs_kbCrPfsXabw&sig=Cg0ArKJSzHtVVBUG8UceEAE&uach_m=[UACH]&adurl=

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Mar 2022 03:33:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 03 Mar 2022 03:33:56 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/ Frame A634 19 KB
8 KB 45ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 03:28:45 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame A634 2 KB
1 KB 50ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 03:03:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A634 124 KB
38 KB 60ms
43ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Mar 2022 03:33:56 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame A634 0
0 20ms
14ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaShZsgh8RZ4K435ayz-RoQgK_BGio6Rdm0tiCGuu4p4fYAJOqD7C5ymIeyifVzT0di4TslsyOjYSisQIu4Zpzmk7sBZcA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Protocol: HTTP/1.1
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 4676068608318854684
tpc.googlesyndication.com/simgad/ Frame A634 17 KB
17 KB 54ms
21ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4676068608318854684

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe832ee996a6079d3f19caf700cef24dd9e69e2a33d923e8991ad8c2f0ac24ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:52:40 GMT
x-content-type-options: nosniff
age: 218476
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17508
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 00:40:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Feb 2023 14:52:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79D5 0
0 42ms
42ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvf8h-0KzBIW6aOjKVylcqBvqx1eezfJT4wlUD_pihSyDNaw1fBIpvj-3kHdOB7pv7_MMdIlYlyL5APmdjHXefY-ZmzOZi79dwTPEOwV1WunDRJeOsAe9hh0o-IzB2nKu3_-aubVbLKXBgM5vIkErPiQFJlfr5Bw3SjvCIfeWT-VS2dgFU2VOU1ONTzZLWwREUZ2r-mKFAxrARO9ebkPmePFE9iDKTIp6eAq4rBPvuKz7db3vggzoRDyjHR7keWp5vI3JnAwC5cFqds_mm23lyA0e3Bf2YqytXMFLppz9V1Gec&sai=AMfl-YRCXd4bnV98qA1-wM0ayzepHCZ71n8izE054o3VDj0LZJ9oAoUhFXz3w3wjJiZ4OE5PCk5U11LkpIw_PZ24S96_wJ6L6I-bG_GCfTmV6QXIHtD5133QSuy593gDhqSy&sig=Cg0ArKJSzCtdJXDqxjybEAE&uach_m=[UACH]&adurl=

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Mar 2022 03:33:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 03 Mar 2022 03:33:56 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/ Frame 79D5 19 KB
8 KB 39ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 03:28:45 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame 79D5 2 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 03:03:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 79D5 124 KB
38 KB 46ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Mar 2022 03:33:56 GMT

GET
H2 200 14626753481764807202
tpc.googlesyndication.com/simgad/ Frame 79D5 59 KB
59 KB 17ms
17ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14626753481764807202

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4ec89099e4cb0b44951c2cee2822fa3b38cab19001be8caf9c7798cc0e4969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 14:27:05 GMT
x-content-type-options: nosniff
age: 220011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60425
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 21:33:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Feb 2023 14:27:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 89FE 0
0 49ms
48ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOVXqp5c5uY53jCb1IwcKhk_evyEzLpDk9_Ym8-ZAj2AzmNsluh4AkEljIGY14h-KrR488LZK78S6RIWeZGn4nLsNEvYv0tUZbY6GCU0Hp_7wCvqWIQyVjdyuPM1LUEODTFNCv7EPgxJla735TZlsBeHlcS0oe26rC0IgWQDs1xRW6K770O5B8XzCEG7md0Ww8oVpzybhH5ZKH14nSvcOTLd0AsiRUKmYVVbrGIujvO53ymNsrbyqy_lzrR3BcgiPgLKJsBl6FcPJfn8VGv5ZDtPA8zZquactTC33V6kUh_A&sai=AMfl-YRuoyi7N9fbuByNwGzV4nxusy7AFIcgHDEv3LbiE0hdsO9p492o6md4L7Dg6_yOHvG_hN4kITbx5wkoknDWF7ayemVzva-S6qneMpuO55hC6QTVSw6A_ME0kjHJWrAz&sig=Cg0ArKJSzMDpGH5f_S7WEAE&uach_m=[UACH]&adurl=

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Mar 2022 03:33:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 03 Mar 2022 03:33:56 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/ Frame 89FE 19 KB
8 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 03:28:45 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame 89FE 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 03:03:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89FE 124 KB
38 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Mar 2022 03:33:56 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame 89FE 0
0 23ms
17ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaQUhy5NQ5GrGtFp9I9--TQDwrc7nI7baL64VS-7wQs02QZBhZ8ip8MWlOxDumZdbD_it48JfVHGzo3Y9q1E5pj6l4ygEg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442
Protocol: HTTP/1.1
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 6966905266774901810
tpc.googlesyndication.com/simgad/ Frame 89FE 533 KB
534 KB 29ms
29ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6966905266774901810

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022801.js?cb=31065442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a3b7adae4886e2c4530adf155050650d83dcad8c604fff6c461ed211e93ec45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 12:37:08 GMT
x-content-type-options: nosniff
age: 140208
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 546212
x-xss-protection: 0
last-modified: Sun, 27 Feb 2022 23:44:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Mar 2023 12:37:08 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 34ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=2~l0afob4z&c=1614525851709563&e=31064836%2C31064927%2C31064962%2C31065442%2C21068766%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsYuBggMioECAgSAA&qqid.1=CLypjIuBqfYCFcMc4AodnpULFg&qqid.2=CL2pjIuBqfYCFcMc4AodnpULFg&qqid.3=CL6pjIuBqfYCFcMc4AodnpULFg&qqid.4=CL-pjIuBqfYCFcMc4AodnpULFg&qqid.5=CMCpjIuBqfYCFcMc4AodnpULFg&qqid.6=CMGpjIuBqfYCFcMc4AodnpULFg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wistia-mux.js Show response
fast.wistia.net/assets/external/ Frame 4E32 132 KB
40 KB 18ms
17ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.net/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/E-v1.js

Protocol

HTTP/1.1

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f8e7798ef36d36df1886eb4900f3644d3eabd5ef406d7b6fa9b91c8da4844ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/embed/iframe/kdmm5j2n7u?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Content-Encoding: gzip
Age: 943
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 40540
X-Served-By: cache-iad-kjyo7100082-IAD, cache-mxp6928-MXP
Access-Control-Allow-Origin: *
X-Browser-Version: 99
Last-Modified: Tue, 01 Mar 2022 14:56:36 GMT
X-Timer: S1646278436.306692,VS0,VE1
ETag: "621e3424-9e5c"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=3600
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

GET
DATA 200
OK truncated
/ Frame 4E32 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer: http://fast.wistia.net/
Origin: http://fast.wistia.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 200
OK swatch
fast.wistia.net/embed/medias/kdmm5j2n7u/ Frame 4E32 4 KB
5 KB 17ms
17ms Image
image/jpeg 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://fast.wistia.net/embed/medias/kdmm5j2n7u/swatch

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/embed/iframe/kdmm5j2n7u?videoFoam=true

Protocol

HTTP/1.1

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c8bb0be9d12c1540f55eb74341fd4ba16db3bb4f03787e36cca877ceddae926

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/embed/iframe/kdmm5j2n7u?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Access-Control-Request-Method: *
Age: 58762
X-Cache: HIT, HIT
content-disposition: inline
Connection: keep-alive
Content-Length: 3987
X-Served-By: cache-iad-kiad7000080-IAD, cache-mxp6928-MXP
Access-Control-Allow-Origin: *, *
X-Browser-Version: 99
Last-Modified: Mon, 21 Feb 2022 05:54:14 UTC
X-Timer: S1646278436.390923,VS0,VE1
Strict-Transport-Security: max-age=0
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/jpeg
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: public, no-cache, max-age=31535945
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK de9160e4317ea58b1b5a2e5cfa335838.webp
embedwistia-a.akamaihd.net/deliveries/ Frame 4E32 20 KB
20 KB 284ms
224ms Image
image/webp 2.16.186.32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embedwistia-a.akamaihd.net/deliveries/de9160e4317ea58b1b5a2e5cfa335838.webp?image_crop_resized=640x359
Requested by: Host: fast.wistia.net
URL: http://fast.wistia.net/embed/iframe/kdmm5j2n7u?videoFoam=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 79a3b279d98796f9747f6a38f0a2206dd502a907125cd36b4a42e259f824f138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Access-Control-Request-Method: *
surrogate-key: de9160e4317ea58b1b5a2e5cfa335838 thumbnail-delivery
Last-Modified: Mon, 21 Feb 2022 05:54:14 UTC
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: max-age=31461599
content-disposition: inline
Connection: keep-alive
Accept-Ranges: none
Content-Length: 20292

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 15ms
15ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=3~l0afob78&c=1614525851709563&e=31064836%2C31064927%2C31064962%2C31065442%2C21068766%2C31061691%2C31061693&ctx=1&met.6=6.1_Cg0YrhkgNCoGCAYSAhAB
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/16346010-a56d-4eb8-b2c5-4f7578a2b650/ 4 KB
2 KB 337ms
336ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/16346010-a56d-4eb8-b2c5-4f7578a2b650/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bcd425e8202ee7c548920cf84a921ac4fa67ef8e96ad19b5e2dc121c4468bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200 OK
x-envoy-upstream-service-time: 24
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 44c73c5c-6c31-4515-8fce-4893364353c2
x-runtime: 0.022986
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5bcd425e8202ee7c548920cf84a921ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6e5f50439bb53762-MXP
access-control-allow-headers: SDK-Version
expires: Thu, 03 Mar 2022 04:33:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4252 0
0 62ms
48ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIo4etRyIGLsmDgaktpzbmiPtBxzbmLBnxRZYquKvbsT9_hSN8TyczsHZvlqyQPwOVtoJE5_IoRzAD469clBwg9bmWVsNroUrqCiWyWQt9WTIWwemrGVfhc-3uFOT4--SvfBD5cSszQsjBgnUEFvUaHc663YEHyUSxDscJ4PJhY5I32PHiLWUiqyNM7QKxm_jOnr8yZu7eftjTZsbVuf8peRLKMgghbeTUXc7SbmNzSj4OVHekQTWTS2eEshWsSIzEYlkrcaZlvjUzrgQwB7x4p6ydbVjoEgkPKQfOo7LEQw&sai=AMfl-YRT2Ffq_ubGTGw7pZ2z9zbOn6CqDuCf6Wrt6LOgKGNLgtGgi8bxOZ4jtEqFW7w7MhTGMq00nsPpPtZ7zD3vfSS0R5gJZ8BCqYlxLDRvmu3t9AH-GDCPypvm8y4p9-P1&sig=Cg0ArKJSzM0EQjxVOdvdEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Mar 2022 03:33:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 03 Mar 2022 03:33:56 GMT

GET
DATA 200
OK truncated
/ Frame 4252 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 272e0ec4c6f86ff0d5570e4a630a8f3b6877c71ef921803612cdf848fdc35dc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 15ms
14ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=4~l0afobaf&c=1614525851709563&e=31064836%2C31064927%2C31064962%2C31065442%2C21068766%2C31061691%2C31061693&ctx=1&met.9=1.28c~13.29k~2.2al~9.0~3_1.2by~7_1.0~7_2.0~7_3.0~7_4.0~7_5.0~7_6.0~4_1.2ex~5_5.2f8~5_6.2f8~5_1.2fe~5_2.2fm~5_3.2fs~5_4.2fy&met.3=827.2aq~90.2ar~88.2ar~88.2ar~88.2ar~88.2ar~89.2ar~90.2ar~88.2ar~88.2ar~89.2ar~90.2ar~88.2ar~88.2ar~88.2ar~88.2ar~89.2ar~90.2ar~88.2ar~88.2ar~88.2ar~88.2ar~89.2ar~90.2ar~88.2ar~88.2ar~89.2ar~74.2ar_1~44.2as~53.2at~947.2at~43.2at~74.2at~947.2au~43.2au~74.2au~947.2au~43.2au~74.2au~947.2au~43.2au~74.2au~947.2au~43.2au~74.2au~947.2au~43.2au_1~947.2aw~86.2aw~947.2aw~6.2aw~947.2aw~14.2aw~91.2aw~947.2ax~1.2ax~76.2ax~947.2ax~1.2ax~76.2ax~947.2ax~1.2ax~76.2ax~947.2az~95.2ay_2~947.2b0~95.2b0~947.2b1~95.2b0~947.2b1~95.2b1~947.2b1~95.2b1~77.2aq_b~724.2b4_1~724.2b5~724.2b5~724.2b5~724.2b5~724.2b5~724.2b6~724.2b6~724.2b6~724.2b6~724.2b6~724.2b6~724.2b6~724.2b6~724.2b6~724.2b6~724.2b6~724.2b6~895.2b7~894.2b7~872.2b7~895.2ba~907.2bh_1~808.2bz~808.2bz~808.2bz~808.2bz~808.2bz~808.2bz~808.2bz~808.2bz~808.2bz~808.2bz~808.2bz~808.2bz~112.2cx_1~246.2ec_2~646.2ex_1~646.2ey~646.2ey~646.2ez~646.2ez~646.2ez~800.2f0~800.2f0~800.2f0~800.2f0~800.2f0~800.2f0~800.2f0~800.2f0~800.2f0~800.2f0~800.2f0~800.2f0~800.2f2~800.2f2~800.2f2~800.2f2~800.2f2~800.2f2~800.2f2~800.2f2~800.2f2~800.2f2~800.2f2~800.2f2~800.2f2~800.2f3~800.2f3~800.2f3~800.2f3~800.2f3~801.2f8~825.2f8~801.2f8~825.2f8~801.2f9~355.2f9~825.2f9~801.2f9~355.2f9~825.2f9~708.2fa~708.2fb~825.2fb~825.2fb~653.2ff_7~653.2fn_5~653.2ft_5~653.2fy_7~801.2g6~825.2g6~801.2g6~825.2g6~801.2g6~825.2g6~801.2g6~825.2g6~801.2g6~355.2g6~825.2g6~801.2g6~355.2g6~825.2g6~801.2g6~355.2g7~825.2g7~801.2g7~355.2g7~825.2g7~708.2g7~708.2g8~708.2g8~708.2g8~825.2g9~825.2g9~825.2g9~825.2g9~825.2g9~825.2ga~825.2ga~825.2ga~647.2ga~246.2gn~863.2hz~863.2i0~863.2i0~863.2i0~680.2i0~680.2i0~680.2i0~680.2i0~246.2ju~863.2lp~863.2lp~863.2lp~863.2lp~680.2lp~680.2lp~680.2lp~680.2lp~863.2lq~863.2lq~863.2lq~863.2lq~680.2lq~680.2lq~680.2lq~680.2lq~863.2lq~863.2lq~863.2lq~863.2lq~680.2lq~680.2lq~680.2lq~680.2lq~863.2lq~863.2lq~863.2lq~863.2lq~680.2lq~680.2lq~680.2lq~680.2lq~863.2lq~863.2lq~863.2lq~863.2lq~680.2lq~680.2lq~680.2lq~680.2lq~863.2lq~863.2lq~863.2lq~863.2lq~680.2lq~680.2lq~680.2lq~680.2lq~863.2lq~863.2lr~863.2lr~863.2lr~680.2lr&met.10=1_1.INwXEAAIABiAmHUoAQ~1_2.INwXEAAIABiAmHUoAQ~1_4.INwXEIDibQiA0IwBGICYdSgB~1_6.INwXEPjSAQj40gEYgJh1KAE~1_3.INwXEAAIABiAmHUoAA~1_6.IPsYEAAIABiAmHUoAA&met.7=CBsQCMABifGaMg~CBsQByCBBjiPAsAB5vzckQU~CBsQByCBBjiZBsABmIPKgwg~CBsQByCBBjiaBMABrJjt5Q4~CBsQByCBBjidBMAB07Pz1g8~CBsQByCBBjidBMABzv2HwAU~CBsQByCBBjidBMABxaSNpg0~CBsQByCBBjidBMAB28jV3Ao~CBsQByCCBjinBsABsdrblQg~CBsQByCCBjiqBsABi5ye8wQ~CBsQByCCBji5CMABr7fU3A8~CBsQByCCBjiuBsAB1eS2Yw~CBsQByCCBjjSB8ABifGaMg~CBsQByCCBjipCMAB3qnorgU~CBsQByCCBji0CMAB7KeolgE~CBsQByCCBji0CcABifGaMg~CBsQCiCCBji8CsAByo2uogE~CBsQCiCDBjjGCsABrogj~CBsQCiCDBjjJCsAB8J_e6AM~CBsQCiCDBjjKCsABo-K7gQI~CBsQCiCDBjjBC8ABrKT6qgY~CBsQChgBIIMGKIMGMKgGOCVAhgZIhwZQhwZYmwZgjAZomwZwogZ4te0BgAGJ6wGIAdWcBbABAbgBA8ABgYa1Bw~CBsQCiCDBjjtC8ABh6SDzQM~CBsQCiCDBjjXDMABs6KFugc~CBsQCiCDBjjXDMABwOOLZw~CBsQCiCDBjjXDMABx7y2rA0~CBsQCiCEBjjYDMAB1djpnwU~CBsQCiCEBjjODcABtv6ZhQ0~CBsQCiCEBjj6DcABoMSTsgg~CBsQCiCEBjjlDsABsKnfxwE~CBsQCiCEBjjlDsABtLf5lAw~CBIQBxgBIIQGKIQGMJ8GOBtAhwZIhwZQhwZYjQZojQZwngZ4sQiAAYUGiAHwO6oBvwEKTE1lcnJpd2VhdGhlcjozMDAsOjMwMGl0YWxpYyw6cmVndWxhciw6aXRhbGljLDo3MDAsOjcwMGl0YWxpYyw6OTAwLDo5MDBpdGFsaWMKb1NvdXJjZStTYW5zK1BybzoyMDAsOjIwMGl0YWxpYyw6MzAwLDozMDBpdGFsaWMsOnJlZ3VsYXIsOml0YWxpYyw6NjAwLDo2MDBpdGFsaWMsOjcwMCw6NzAwaXRhbGljLDo5MDAsOjkwMGl0YWxpY7ABAbgBA8AB9azS5AU~CBsQCiCEBji4AsAB_tuezwk~CBsQByCEBji6CMABoqOEqgE~CBsQByCEBjjdCcAB7KXo-QY~CBsQByD9Bzj5DsABi_TXyAE~CBsQByD9BziBD8ABo-DhkQc~CBsQByD9BziBD8ABjPfNtQo~CBsQByD9BziCD8ABpqakng8~CBsQCiD9BzjfDsAB3tHO2QE~CBsQCiD9BziDD8AB-M-cmg4~CBsQCiD-BzjzDcAB0d74gg0~CBsQCiD-BziDD8ABkefCpQo~CBsQChgBIP4HKP4HMMgVOMoNwAHVi72SDA~CBsQCiD-BzjgDcABpL-kqQc~CBIQAhgBIJAIKJAIMLYIOCZQkQhYpQhglghopQhwtgh4owiAAfcFiAGOVqoBJQojU291cmNlK1NhbnMrUHJvOjQwMCwzMDAsNjAwLDcwMCw5MDCwAQG4AQPAAdbHu8gK~CA0QChgBIOoUKOoUMP8VOJUBQN4VSN4VUN4VWOYVaOgVcPcVePLcAYABxtoBiAHfjwWwAQG4AQPAAdLFodEP~CBsQCiDqFDieAcAB2euw8wo~CBsQCiDqFDieAcAB9e29jgs~CBsQCiDuFDiyAcAB9LK_vwQ~CBMQAhgBIPQUKPQUMIgVOBRA9BRI9RRQ9RRY-hRo-hRwgRV46J4BgAG8nAGIAbycAaoBEgoMbWVycml3ZWF0aGVyEBwYArABAbgBA8ABrqTMnQQ~CBMQAhgBIPQUKPQUMJIVOB5A9BRI9RRQ9RRYiRVg-hRoiRVwkBV4qGiAAfxliAH8ZaoBEwoNc291cmNlc2Fuc3BybxATGAKwAQG4AQPAAdLT9ZsN~CBMQAhgBIPQUKPQUMIYVOBJQ9RRY-hRo-hRwgRV4mGiAAexliAHsZaoBEwoNc291cmNlc2Fuc3BybxATGAKwAQG4AQPAAbf8qMkE~CBMQAhgBIPoUKPoUMJYVOBxoiRVwkhV4qGeAAfxkiAH8ZKoBEwoNc291cmNlc2Fuc3BybxATGAKwAQG4AQPAAcSwnJ4H~CBMQAhgBIIQVKIQVMI8VOAtohxVwjRV41JwBgAGomgGIAaiaAaoBEgoMbWVycml3ZWF0aGVyEBwYArABAbgBA8AB_ba-kQI~CBsQCiC3FTgywAHSlr2ZBA~CBsQBSC4FTinAcABtZaqmwI~CBsQCiCZFjhYwAHO_uHZAw~CBsQChgBIMAWKMAWMPIWODLAAZHauLgN~CBsQChgBIMEWKMEWMJcXOFZA8BZI8RZQ8RZYhRdg9xZohRdwlRd43qIBgAGyoAGIAZelA7ABAbgBA8ABoNj1Fg~CA4QChgBIM0WKM0WMPYWOCpAzRZIzhZQzhZY4hZg0xZo4xZw6hZ4m9EHgAHvzgeIAaTlFrABAbgBA8ABx8Oi2Qc~CDwQDRgBIM4WKM4WMPMWOCVQzhZY4hZg1BZo4xZw8hZ43AKAATCIASKwAQG4AQPAAejUr80J~CBsQDSDbFjgQwAGAkfKHCA~CBsQCiDkFjgQwAH19tXqCA~CBsQCiDlFjgHwAGGlPk1~CCgQDRgBIOwWKOwWMK8XOELAAeKygLkD~CBsQCiDvFjgfwAGS5OnQDA~CBsQBiCKFzgXwAGy5M_6Cw~CBsQBiCKFzgXwAGy5M_6Cw~CCgQChgBILAXKLAXMMkXOBlQsRdYwBdgsRdowBdwxhd4obcBgAH1tAGIAd_gA7ABAbgBA8ABm-H6cA~CBsQCiD6FjiiAcABkJqTmAU~CC8QBxgBILgXKLgXMOgXOC9AuRdIuRdQuRdYzxdgwBdo0Bdw5xd4kAOAAWSIAWuwAQG4AQPAAe21srAK~CC8QBxgBILkXKLkXMOcXOC5AuRdIuRdQuRdYzxdgwBdo0Bdw5hd4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CA8QDRgBIM4XKM4XMJ4YOFBo0Bdwmxh41LMBgAGosQGIAZWxC7ABAbgBA8ABv96a6wY~CBsQBhgBINgXKNgXMIsYODJQ6BdY9xdg6Bdo9xdwihh41gKAASqIASqwAQG4AQPAAf_m6MwL~CBsQBhgBINgXKNgXMJMYODtA6RdI6hdQ6hdYgRhg8BdogRhwkxh41gKAASqIASqwAQG4AQPAAf23jOYB~CBsQChgBIPAXKPAXMJMYOCPAAbSig-EI~CBsQARgBIKYYKKYYMNcYODHAAaSg_KUH~CBsQBiCEBjiBE8AB2fmxTQ~CBsghAY4iRPAAdb76rcC~CBsQBiCEBjiJE8AB046TlAM~CBsQBiCFBjiJE8ABucWTgA8~CBsQCiDfFzhrwAGi4bD4Ag~CBsQARgBIPcYKPcYMJoZOCPAAaSg_KUH
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79D5 0
0 46ms
45ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOsdT3up9lsppir33TgC8x9BqmJrr5_1aL3g8NwJeHCUg8JQ1fB_NBssj0VCICwdYG8q5bZfmsrlid4ntYHUXjo6AX2mKjyMHJyex8eWjWye2abESiKqrojsTD4cD_WAGv8OGNWfaQhaFPHD91o2Z2aGQdLAOohEsfqknu4WqAlXI8Yy94-aHqlmrVix2ffiIkhC7KNE5czrPvUMA2r6a8sMVzA7F2VxwnPQxi0uE6qyufSNhVsgFd41A4xpZMpkuHJv5eFvDH9sTMEFQSf8usK0UUeJ55pxYFFa2TmOdhW_sP9w&sai=AMfl-YQx33H3RRF4spjuDU2AgypDwBeQ_1xpv6wcE6JRde7a8fCV4CFtPQMi-7R6Dv8En_P8gZBtt1bPz52EAg8i7SwcRhyXq4zIa46EaRFGfK4ALiclzExmUkHGl0u932dT&sig=Cg0ArKJSzDae59MlUmtgEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Mar 2022 03:33:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 03 Mar 2022 03:33:56 GMT

GET
DATA 200
OK truncated
/ Frame 79D5 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d3bad26feedd542ebc44be5d6d9666dfe173580155fc3eaf6b4c8a5e4ac5457

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 89FE 0
0 45ms
44ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswA0IeKRCXajWoTA2HRFC8mHsji5V2l6nMKxxcoQr9B1nBVrbrPQtG1d05rUNaZtGeuwjS23u42jGZNjwMDi8p4xZSj83bmWsIFa2x0nS5jOjXRkeg3lhNQprJtKOaMCBRAji3w8xwWL5lTJtI7pXf6ewwXlz6nsj_kvlUXOKDbEpn_l8aVT6aipul7fV2CBbbWQ5GXnDl2mSb_vr-r8Mfgx2iwq9XaUpymA4G6h8gantc1FByJ1-ksLmCe_W2_PkZySxDIJalS6DTCADnB_zCZ7B5jqa57RnWcdfKHvNtzjoU&sai=AMfl-YS_-8q4Zp0vrqU9atw6WFdhugZTdoLCl_F4HCQGyVLZWpLhyaTTHyl0up-f0qYTnj1CZuFLkUfL2OXs0DwE3Ozh0wFUKOXKU4PBwH8k0u93T0dYuPgEpW1mqW3UWx1c&sig=Cg0ArKJSzO_EbpS8P1woEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Mar 2022 03:33:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 03 Mar 2022 03:33:56 GMT

GET
DATA 200
OK truncated
/ Frame 89FE 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94f8bc1449072104bf4dbd741502c77d5f500a7a7e25f770795955b1c8c3321a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A634 0
0 48ms
47ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstykQeps2QAV5orL57-1GhB-0OsrgpzgU1L3q46F6nX5k_5j5HdYAu1TIYsljM7N5DlPC5i4fWhqGDvF-lxtQSIcYWwLck_WBLjqP18B6QJdI4ytrTMS2FbHcWndkdgvfYNc0QZr_jjDjgknGfPR2vW5Q2OwK4ZO3pDvjKkVpECleRwta77ASofMpN9SxK4H73NCMqoaF33e0FYnkK_dH-d2HOdfeDRdAy7PsrtB-m9ApFu0Lyjgh3PT7O4uufqn0fjD5eYCn6wi7QIyo3sfWfxq2UkgNIGnukHW44tmnJeP6GH0g&sai=AMfl-YTNWV_VeEL1SXVWfUKVtykb6Dn0OHjhMzrZzMmCDQX_VSg98KHqt4uSAPtD5EwzadHzVwX-wshCzaexlA4bI5O_r_8tG_V2IOhFctaXbjfYXTCJb3ABpKV0rgi7bvRP&sig=Cg0ArKJSzE4FicJSyWZBEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Mar 2022 03:33:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 03 Mar 2022 03:33:56 GMT

GET
DATA 200
OK truncated
/ Frame A634 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c62090711aee80ec587c2bb975540e2f4f714d9401f4d160a2f5afd7739a0b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 89FE 60 KB
23 KB 7ms
6ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f38d4330ffe732e30c4ae42b80768d734578282aaae7f6818783e234c6fcbabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 729
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23157
x-xss-protection: 0
server: cafe
etag: 4826357405056662325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Mar 2022 04:21:47 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame A634 60 KB
23 KB 7ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f38d4330ffe732e30c4ae42b80768d734578282aaae7f6818783e234c6fcbabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 729
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23157
x-xss-protection: 0
server: cafe
etag: 4826357405056662325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Mar 2022 04:21:47 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 4252 60 KB
23 KB 9ms
8ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f38d4330ffe732e30c4ae42b80768d734578282aaae7f6818783e234c6fcbabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 729
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23157
x-xss-protection: 0
server: cafe
etag: 4826357405056662325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Mar 2022 04:21:47 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 79D5 60 KB
23 KB 10ms
10ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f38d4330ffe732e30c4ae42b80768d734578282aaae7f6818783e234c6fcbabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 729
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23157
x-xss-protection: 0
server: cafe
etag: 4826357405056662325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Mar 2022 04:21:47 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E486 0
18 B 15ms
6ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: http://52.64.66.132
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/

Response headers

content-type: text/plain
access-control-allow-origin: http://52.64.66.132
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Thu, 03 Mar 2022 03:33:56 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 89FE 0
17 B 14ms
14ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~l0afobfd&chm=1&c=1614525851709563&ctx=2&qqid=CL-pjIuBqfYCFcMc4AodnpULFg&met.4=fb.4~lb.6r~ol.7y~idt.1lf~dt.-49&met.3=736.78~735.81~740.83~113.8u_2~112.8u_3&met.1=1.l0afob6j~14.1~15.0~16.1~17.1~18.1~19.1~20.7y~21.7y~22.6l~23.6l&met.7=CCIQBBgBIAYoBjA3ODFoBnA3eKwCsAEBuAED~CAkQChgBIAYoBjArOCVoG3AqeOw_gAHAPYgBypcBsAEBuAED~CB4QChgBIAcoBzAsOCZoG3AseP0LgAHRCYgB0hKwAQG4AQM~CCoQChgBIAcoBzA3ODA~CBsQBhgBIAcoBzAeOBc~CBcQBhgBIAgoCDBKOENoG3A4eNCtIYABpKshiAGkqyGwAQG4AQM~CCIQBBgBIPEBKPEBMJ8COC5o8gFwngJ4rAKwAQG4AQM~CCgQChgBIKwCKKwCMLUCOAlorQJwswJ4obcBgAH1tAGIAd_gA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame A634 0
17 B 14ms
14ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~l0afobfh&chm=1&c=1614525851709563&ctx=2&qqid=CL2pjIuBqfYCFcMc4AodnpULFg&met.4=fb.2~lb.7f~ol.8a~idt.1lq~dt.-3y&met.3=736.7j~735.8c~740.8n~113.99_1~112.99_1&met.1=1.l0afob68~14.0~15.0~16.0~17.0~18.0~19.0~20.8a~21.8a~22.6x~23.6x&met.7=CCIQBBgBIAQoBDAzOC9oBHAyeKwCsAEBuAED~CAkQChgBIAQoBDAxOC5oJnAxeOw_gAHAPYgBypcBsAEBuAED~CB4QChgBIAQoBDA3ODNoJnA3eP0LgAHRCYgB0hKwAQG4AQM~CCoQChgBIAQoBDBFOEA~CBsQBhgBIAUoBTAaOBU~CBcQBhgBIAUoBTA-ODloJnA7eJCLAYAB5IgBiAHkiAGwAQG4AQM~CCIQBBgBIIoCKIoCMLsCODFoigJwugJ4rAKwAQG4AQM~CCgQChgBILgCKLgCMMICOAlouQJwwAJ4obcBgAH1tAGIAd_gA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 4252 0
17 B 13ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~l0afobfq&chm=1&c=1614525851709563&ctx=2&qqid=CLypjIuBqfYCFcMc4AodnpULFg&met.4=fb.2~lb.65~ol.8j~idt.1ly~dt.-3q&met.3=736.68~735.7p_1~740.8i_1~734.98~113.9q_1~112.9q_1&met.1=1.l0afob60~14.0~15.0~16.0~17.0~18.0~19.0~20.8j~21.8j~22.75~23.75&met.7=CCIQBBgBIAUoBTA4ODNoB3A4eKwCsAEBuAED~CAkQChgBIAYoBjA5ODNACEgWUBZYLGAdaC5wOHjsP4ABwD2IAcqXAbABAbgBAw~CB4QChgBIAYoBjA_ODhoLnA-eP0LgAHRCYgB0hKwAQG4AQM~CCoQChgBIAYoBjA6ODM~CBsQBhgBIAYoBjAdOBY~CBcQBhgBIAcoBzBQOEloLnBFeM6WB4ABopQHiAGilAewAQG4AQM~CCIQBBgBINsBKNsBMJsCOD9Q3AFY6gFg3AFo6gFwmgJ4rAKwAQG4AQM~CCgQChgBIMECKMECMMwCOAtowQJwygJ4obcBgAH1tAGIAd_gA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 79D5 0
17 B 13ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~l0afobfs&chm=1&c=1614525851709563&ctx=2&qqid=CL6pjIuBqfYCFcMc4AodnpULFg&met.4=fb.2~lb.6g~ol.86~idt.1lk~dt.-44&met.3=736.7d~735.86~740.88~113.9e_1~112.9e_1~734.9f&met.1=1.l0afob6e~14.0~15.0~16.0~17.0~18.0~19.0~20.85~21.86~22.6r~23.6r&met.7=CCIQBBgBIAQoBDAvOCxoBHAueKwCsAEBuAED~CAkQChgBIAQoBDAwOCxoIHAseOw_gAHAPYgBypcBsAEBuAED~CB4QChgBIAQoBDAyOC1oIXAxeP0LgAHRCYgB0hKwAQG4AQM~CCoQChgBIAQoBDA3ODI~CBcQBhgBIAUoBTA8ODdoIXAyeLXaA4ABidgDiAGJ2AOwAQG4AQM~CCIQBBgBIOcBKOcBMJUCOC9o5wFwlQJ4rAKwAQG4AQM~CCgQChgBILMCKLMCMMECOA1otQJwvgJ4obcBgAH1tAGIAd_gA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK playPauseLoadingControl.js Show response
fast.wistia.net/assets/external/ Frame 4E32 59 KB
19 KB 18ms
18ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.net/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/E-v1.js

Protocol

HTTP/1.1

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

705df238a5ec0beb0caf8c639555a4d32d9de27d2cd3be715f639c625f23f7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/embed/iframe/kdmm5j2n7u?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Content-Encoding: gzip
Age: 943
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 18435
X-Served-By: cache-iad-kcgs7200092-IAD, cache-mxp6928-MXP
Access-Control-Allow-Origin: *
X-Browser-Version: 99
Last-Modified: Tue, 01 Mar 2022 14:56:36 GMT
X-Timer: S1646278437.682728,VS0,VE1
ETag: "621e3424-4803"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=3600
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK hls_video.js Show response
fast.wistia.net/assets/external/engines/ Frame 4E32 419 KB
119 KB 27ms
27ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.net/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/E-v1.js

Protocol

HTTP/1.1

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3bbf75d0841a591d4333ca949030f3c0bb8e30e606844891d472f5fdd892c6ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/embed/iframe/kdmm5j2n7u?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Content-Encoding: gzip
Age: 942
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 121349
X-Served-By: cache-iad-kjyo7100120-IAD, cache-mxp6929-MXP
Access-Control-Allow-Origin: *
X-Browser-Version: 99
Last-Modified: Tue, 01 Mar 2022 14:56:36 GMT
X-Timer: S1646278437.695268,VS0,VE1
ETag: "621e3424-1da05"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=3600
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK blank.gif
fast.wistia.net/assets/images/ Frame 4E32 1 KB
2 KB 26ms
25ms Image
image/gif 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://fast.wistia.net/assets/images/blank.gif

Requested by

Host: 52.64.66.132
URL: http://52.64.66.132/

Protocol

HTTP/1.1

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://fast.wistia.net/embed/iframe/kdmm5j2n7u?videoFoam=true
Origin: http://fast.wistia.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:56 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 22546
X-Cache: HIT, HIT
X-Cache-Hits: 1, 82
Connection: keep-alive
Content-Length: 1214
X-Served-By: cache-iad-kjyo7100040-IAD, cache-mxp6929-MXP
X-Browser-Version: 99
Last-Modified: Wed, 02 Mar 2022 21:15:50 GMT
X-Timer: S1646278437.814404,VS0,VE0
ETag: "621fde86-4be"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK v2 Show response
embedwistia-a.akamaihd.net/deliveries/da0a4c14d1ac02396274e42a3bbeac14bfc6a55d.m3u8/ Frame 4E32 10 KB
11 KB 355ms
320ms XHR
application/vnd.apple.mpegurl 2.16.186.32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/da0a4c14d1ac02396274e42a3bbeac14bfc6a55d.m3u8/v2
Requested by: Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8262d2ffcb082ac38f7a956d49fd4db0192e88ebd7293d166450e94ba1d852fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Access-Control-Request-Method: *
surrogate-key: da0a4c14d1ac02396274e42a3bbeac14bfc6a55d-hls-segment purge-experiment-5d
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=31464920
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 10351
Expires: Thu, 02 Mar 2023 07:49:17 GMT

POST
H2 204 x Show response
distillery.wistia.com/ Frame 4E32 0
96 B 368ms
100ms XHR
text/plain 54.86.117.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.117.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-117-43.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://fast.wistia.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 03 Mar 2022 03:33:57 GMT
cache-control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK seg-1-v1-a1.ts Show response
embedwistia-a.akamaihd.net/deliveries/da0a4c14d1ac02396274e42a3bbeac14bfc6a55d.m3u8/v2/ Frame 4E32 206 KB
207 KB 39ms
39ms XHR
video/mp2t 2.16.186.32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/da0a4c14d1ac02396274e42a3bbeac14bfc6a55d.m3u8/v2/seg-1-v1-a1.ts
Requested by: Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0cdaac1951a0e3a7fc74bbf0b1fcd1fa00c40475881b3d66dec103fa62384dd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Access-Control-Request-Method: *
surrogate-key: da0a4c14d1ac02396274e42a3bbeac14bfc6a55d-hls-segment purge-experiment-5d
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=31148351
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 210936
Expires: Sun, 26 Feb 2023 15:53:08 GMT

POST
H/1.1 200
OK mput Show response
pipedream.wistia.com/ Frame 4E32 2 B
219 B 211ms
99ms XHR
text/plain 184.73.240.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/E-v1.js
Protocol: HTTP/1.1
Server: 184.73.240.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-240-29.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: http://fast.wistia.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 03 Mar 2022 03:33:57 GMT
Connection: keep-alive
Content-Length: 2
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: text/plain; charset=utf-8

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4252 42 B
497 B 37ms
15ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXfVeka4rWJpYTbM5GoVoG453CQvY3p_n7Jj2TzjZMQnk2pjgVKaMV5rjJslSXW7hLBjMyPCiN3l7bm6hj53cUPsEwriMt-E8LOKtcL7Xh1lrBLh8F&sig=Cg0ArKJSzLxRIjmR_dOJEAE&id=lidar2&mcvt=1000&p=144,315,395,1286&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220302&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1727162820&rs=4&la=1&cr=0&vs=4&r=v&rst=1646278436232&rpt=216&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A634 42 B
64 B 29ms
15ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst92na1gffAKjkFdyBEqu2cxhq4sKQupsn7KnOO-h2nlxeyfIj4DOyVMadQuW0iNk_SX-Bvm2EMk_8Iccgi3ci8J-JdAZEcqNGbiA-2R79qYg4D4S32&sig=Cg0ArKJSzGfV0HD7AB9jEAE&id=lidar2&mcvt=1000&p=844,650,1094,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220302&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=549555199&rs=4&la=0&cr=0&vs=4&r=v&rst=1646278436240&rpt=264&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 89FE 42 B
64 B 28ms
16ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYCFNzmO_kya9kyA0mHYB_XJ13N6CWZYfVcDrcDMUNQnhsSap0kwesn8qB07rDhtSAzHx2v_Lp83bb0pBxZ6kweYcn4fBIfF8Va8CMHzYst6f99I4S&sig=Cg0ArKJSzBLnGXw83r_lEAE&id=lidar2&mcvt=1002&p=76,-160,1276,1760&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20220302&bin=7&avms=nio&bs=1600,1200&mc=0.78&app=0&itpl=3&adk=1869964590&rs=4&la=1&cr=0&vs=4&r=v&rst=1646278436251&rpt=240&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ 354 KB
140 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&ver=5.8.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b8898d71ea7db36ad425e27dd3cecf3fdc4725dc461613ba08929fd0145012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://52.64.66.132/
Origin: http://52.64.66.132
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 14:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143021
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 21:22:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 14:10:56 GMT

GET
H/1.1 200
OK g.gif
pixel.wp.com/ 50 B
247 B 12ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.wp.com/g.gif?v=ext&j=1%3A10.0&blog=181334266&post=156&tz=11&srv=52.64.66.132&host=52.64.66.132&ref=&fcp=2689&rand=0.5254975760831031
Requested by: Host: 52.64.66.132
URL: http://52.64.66.132/
Protocol: HTTP/1.1
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 03 Mar 2022 03:33:57 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 50
Content-Type: image/gif

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-513fd7cb1395bbd7/ 3 KB
1 KB 259ms
245ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-513fd7cb1395bbd7/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 106d90fc7fd9bee8a71251d6a93f013a40bdcaeffa8d94d4e0c8533eb56f918d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:57 GMT
content-encoding: gzip
etag: -739611738--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=55, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 906

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 165ms
142ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=62203723152d142f&bkl=0&bl=1&pdt=2743&sid=62203723152d142f&pub=ra-513fd7cb1395bbd7&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=ec2-52-64-66-132.ap-southeast-2.compute.amazonaws.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1646278437686&jsl=8321&uvs=62203723f354cb00000&skipb=1&callback=addthis.cbs.jsonp__149998361635679260
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ceb04b0140c14c631cdb2f064681774e5c7ab98047f7cd98f9a538969755d198

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:57 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame BDAC 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 4A6A 71 KB
26 KB 23ms
23ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 03 Mar 2022 03:33:57 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 403 adsct
analytics.twitter.com/i/ 0
0 162ms
120ms Script
text/plain 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=74cd11d5-fcbb-48ce-94e6-1cb3b1651b26&tw_document_href=http%3A%2F%2F52.64.66.132%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: http://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 113
date: Thu, 03 Mar 2022 03:33:57 UTC
cache-control: no-cache, no-store, max-age=0
server: tsa_o
x-connection-hash: f9ad72c49db1b6ea87f47a72590422197b0fc82f379536d343d1dd1a54b01f5d
content-length: 0
strict-transport-security: max-age=631138519

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame 644B 34 KB
13 KB 59ms
59ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a16f84ec6e3f8%26domain%3D52.64.66.132%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252F52.64.66.132%252Ff2fac9581334c64%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FSpatialSource&layout=button_count&locale=en_GB&sdk=joey&share=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=eb81c1c4bca2b9d87948a2cc194027c8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19d7f1fbc95c8496d858c64e41a84a1ed53bc6616cf0ece626312294e40d5d0f

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: jMRrYRaCPjuq2OO5yOJsGZsbt/Gi9LQv79SBEghXk32Hy2uzuepdLFyz4l5Dp2kMZ4LqwhAb0S6OG+KWreUbUw==
date: Thu, 03 Mar 2022 03:33:57 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0

GET
H2 200 wt Show response
polarcdn-engine.com/ 3 B
492 B 482ms
436ms XHR
application/octet-stream 2606:4700::6812:863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-engine.com/wt?e=1&n=3&p=NA-SPATSOUR-11238412&s=1&u=7daff9fb-31c8-4cfe-9c51-89e4d7994790&v=2%2F19ea179&w=1.227.0&y=w&z=v1.7.8&pas=dfp&pag1=default&pag2=%2F58625620%2Fss_sc&pae=h&pai=f8570&d=52.64.66.132&pajs=div.latest-news+.posts%3Aeq(3)&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&t=atx&parcid=2d7a3&parid=5f222&parin=1&pvhref=http%3A%2F%2F52.64.66.132%2F&_=1646278436305
Requested by: Host: plugin.mediavoice.com
URL: http://plugin.mediavoice.com/plugin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept: text/plain, */*; q=0.01
Referer: http://52.64.66.132/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:58 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
x-amz-request-id: 3DYH7BP78FX974EG
content-length: 3
x-amz-id-2: OS7lFFEynEcRniwmHpSLBiVYOADSuGkdSLQE+o/z090ppOmzPLPvKMAozc/ztlJZTNKEE84efFc=
last-modified: Mon, 31 May 2021 19:44:05 GMT
server: cloudflare
etag: "28e4477bb454eb35226fe56082545e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e5f504c0ec63759-MXP

GET
H/1.1 200
OK ads Show response
pubads.g.doubleclick.net/gampad/ 312 B
941 B 41ms
35ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pubads.g.doubleclick.net/gampad/ads?callback=jQuery22408095879226825766_1646278436306&gdfp_req=1&correlator=2544317732942865&output=json_html&iu=%2F58625620%2Fss_sc&sz=2x2&gut=v2&ifi=1&json_a=1&url=http%3A%2F%2F52.64.66.132%2F&_=1646278436307

Requested by

Host: plugin.mediavoice.com
URL: http://plugin.mediavoice.com/plugin.js

Protocol

HTTP/1.1

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

68aa73cf6c689b757bbdb1d36e965812002725ef00acd9f73d9e874f840f1ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Google-MediationGroup-Id: -2
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 236
X-XSS-Protection: 0
Google-LineItem-Id: -2
Pragma: no-cache
Server: cafe
Google-MediationTag-Id: -2
Google-Creative-Id: -2
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 14ms
13ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=5~l0afobcc&c=1614525851709563&e=31064836%2C31064927%2C31064962%2C31065442%2C21068766%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsY3iMgQCoECAgSAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 03:33:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK allIntegrations.js Show response
fast.wistia.net/assets/external/ Frame 4E32 26 KB
9 KB 27ms
27ms Script
application/javascript 2a04:4e42:600::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://fast.wistia.net/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/E-v1.js

Protocol

HTTP/1.1

Server

2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e9fcba14ea80a15948ec75eab4b77a7f279cd9f17975102980d27706ea0ccb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fast.wistia.net/embed/iframe/kdmm5j2n7u?videoFoam=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 03:33:57 GMT
Content-Encoding: gzip
Age: 944
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 8235
X-Served-By: cache-iad-kjyo7100107-IAD, cache-mxp6929-MXP
Access-Control-Allow-Origin: *
X-Browser-Version: 99
Last-Modified: Tue, 01 Mar 2022 14:56:36 GMT
X-Timer: S1646278438.744778,VS0,VE1
ETag: "621e3424-202b"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=3600
X-Browser: chrome
X-ECMA-V: modern
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 1, 1

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 644B 400 B
812 B 9ms
6ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a16f84ec6e3f8%26domain%3D52.64.66.132%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252F52.64.66.132%252Ff2fac9581334c64%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FSpatialSource&layout=button_count&locale=en_GB&sdk=joey&share=false&show_faces=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:57 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 400
x-fb-rlafr: 0
x-fb-debug: cwHit1cPeyV8MPBiZqcbo4xzEWyt2qQa122x66mYN3++hGFDMiHZBUZZl7N4F35VZ6TS8L2jqcqfCOQl6Qey5A==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 01 Mar 2023 17:07:12 GMT

GET
H2 200 wt Show response
polarcdn-engine.com/ 3 B
68 B 592ms
591ms XHR
application/octet-stream 2606:4700::6812:863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-engine.com/wt?e=2&n=3&p=NA-SPATSOUR-11238412&s=1&u=7daff9fb-31c8-4cfe-9c51-89e4d7994790&v=2%2F19ea179&w=1.227.0&y=w&z=v1.7.8&pas=dfp&pag1=default&pag2=%2F58625620%2Fss_sc&pae=h&pai=f8570&d=52.64.66.132&pajs=div.latest-news+.posts%3Aeq(3)&pepm=gdpr-eu&pepc=n&mepc=1&pasf=0&paio=1&pasb=1&t=arx&parcid=2d7a3&parid=5f222&parin=1&partm=1&par=n&maxts=0.064&pvhref=http%3A%2F%2F52.64.66.132%2F&_=1646278436308
Requested by: Host: plugin.mediavoice.com
URL: http://plugin.mediavoice.com/plugin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept: text/plain, */*; q=0.01
Referer: http://52.64.66.132/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:58 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 0
cf-ray: 6e5f504c2ed33759-MXP
content-length: 3
x-amz-id-2: OS7lFFEynEcRniwmHpSLBiVYOADSuGkdSLQE+o/z090ppOmzPLPvKMAozc/ztlJZTNKEE84efFc=
last-modified: Mon, 31 May 2021 19:44:05 GMT
server: cloudflare
etag: "28e4477bb454eb35226fe56082545e13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET
x-amz-request-id: 3DYH7BP78FX974EG
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: application/octet-stream

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 364B 7 KB
1 KB 21ms
20ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQt7AUAAAAAAdXsdjH9vvrDYJNKEr5x9Qj4U3m&co=aHR0cDovLzUyLjY0LjY2LjEzMjo4MA..&hl=en&v=PdoyIVkd8v16xl_NMp3H0N1Y&theme=light&size=invisible&badge=bottomright&cb=mkv9rdgawa

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9fbfb347a0184695679089036a6259a3227df713a57b28a028d0139be1de7493

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8wL2UU9XWGm0WFp8502LSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-security-policy: script-src 'report-sample' 'nonce-8wL2UU9XWGm0WFp8502LSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
content-encoding: gzip
date: Thu, 03 Mar 2022 03:33:57 GMT
expires: Thu, 03 Mar 2022 03:33:57 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1041
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 HJyqP_dWHLU.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yH/l/en_GB/ Frame 644B 521 KB
136 KB 8ms
8ms XHR
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yH/l/en_GB/HJyqP_dWHLU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f60d8e252239db038dc1df9d666cecc7659d9c1ea4364142d28c617a7619b73d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rdv3FC5lRysjWRwS65CMxA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 139076
x-fb-rlafr: 0
x-fb-debug: w5fcDIQXK/LgB5ymGEQ/iAApDlj3ojpCFQTBDeXH6naWTPJ+rQCSlO6f175/8OXsAIID8mjPiC46sT4UTjlxQw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 02 Mar 2023 20:30:16 GMT

GET
H3 200 HJyqP_dWHLU.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/yH/l/en_GB/ Frame 644B 521 KB
136 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/yH/l/en_GB/HJyqP_dWHLU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f60d8e252239db038dc1df9d666cecc7659d9c1ea4364142d28c617a7619b73d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 03:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rdv3FC5lRysjWRwS65CMxA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 139076
x-fb-rlafr: 0
x-fb-debug: w5fcDIQXK/LgB5ymGEQ/iAApDlj3ojpCFQTBDeXH6naWTPJ+rQCSlO6f175/8OXsAIID8mjPiC46sT4UTjlxQw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Mar 2023 20:30:16 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 364B 51 KB
24 KB 20ms
6ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdQt7AUAAAAAAdXsdjH9vvrDYJNKEr5x9Qj4U3m&co=aHR0cDovLzUyLjY0LjY2LjEzMjo4MA..&hl=en&v=PdoyIVkd8v16xl_NMp3H0N1Y&theme=light&size=invisible&badge=bottomright&cb=mkv9rdgawa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 13:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 21:22:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 13:00:57 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 364B 354 KB
140 KB 24ms
10ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b8898d71ea7db36ad425e27dd3cecf3fdc4725dc461613ba08929fd0145012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 14:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143021
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 21:22:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 14:10:56 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 364B 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 117249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 08 Mar 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 364B 15 KB
15 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 124036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 17:06:41 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 11ms
11ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 03 Mar 2022 03:33:57 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 140.61020b6c086bdb8bc696.js Show response
s7.addthis.com/static/ 2 KB
1010 B 9ms
9ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/140.61020b6c086bdb8bc696.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://52.64.66.132/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-688"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 03 Mar 2022 03:33:58 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 770

POST
H/1.1 200
OK / Show response
fg8vvsvnieiv3ej16jby.litix.io/ Frame 4E32 0
172 B 98ms
98ms XHR
text/plain 3.217.16.251

General

Check archive.org

Show headers Download Go to

Full URL: https://fg8vvsvnieiv3ej16jby.litix.io/
Requested by: Host: fast.wistia.net
URL: http://fast.wistia.net/assets/external/wistia-mux.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.16.251 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://fast.wistia.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 03 Mar 2022 03:34:02 GMT
Connection: keep-alive
Content-Length: 0
Access-Control-Allow-Methods: POST, GET

OPTIONS
H/1.1 200
OK /
fg8vvsvnieiv3ej16jby.litix.io/ Frame 0
0 633ms
98ms Preflight 3.217.16.251

General

Check archive.org

Show headers Download Go to

Full URL: https://fg8vvsvnieiv3ej16jby.litix.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.16.251 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://fast.wistia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Date: Thu, 03 Mar 2022 03:34:02 GMT
Content-Length: 0
Connection: keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secure.intermedia.com.au
URL: https://secure.intermedia.com.au/images/mags/position_cover.jpg

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
52.64.66.132/	1970-01-20 18:49:10	Name: _ga Value: GA1.1.327237310.1646278436
52.64.66.132/	1970-01-20 01:19:24	Name: _gid Value: GA1.1.1343164723.1646278436
52.64.66.132/	1970-01-20 01:17:58	Name: _gat Value: 1
52.64.66.132/	1970-01-20 03:27:34	Name: _fbp Value: fb.3.1646278436036.1974199043
.facebook.com/	1970-01-20 03:27:34	Name: fr Value: 0oU2481i5TYti1MQH..BiIDck...1.0.BiIDck.
.doubleclick.net/	1970-01-20 10:39:34	Name: IDE Value: AHWqTUm2bPAS330v2cwbGeGSgEVp8UV85I4gBrXYkuvbnAxnAMVra1rBIHbRFPGiiUM
.t.co/	1970-01-20 18:49:10	Name: muc_ads Value: 82a82b9b-a496-4f3e-9e09-4e0b6f20c6e1
52.64.66.132/	1970-01-20 10:48:12	Name: __atuvc Value: 1%7C9
52.64.66.132/	1970-01-20 01:18:00	Name: __atuvs Value: 62203723f354cb00000
.addthis.com/	1970-01-20 10:48:12	Name: uvc Value: 1%7C9
.addthis.com/	1970-01-20 10:48:12	Name: loc Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: http://52.64.66.132/(Line 264) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-TD47HF Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nz74y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=74cd11d5-fcbb-48ce-94e6-1cb3b1651b26&tw_document_href=http%3A%2F%2F52.64.66.132%2F&tpx_cb=twttr.conversion.loadPixels Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

16a4ca9b513ff1fdd6601bca6b2a9898.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.twitter.com
apis.google.com
cdn.onesignal.com
connect.facebook.net
csi.gstatic.com
distillery.wistia.com
embedwistia-a.akamaihd.net
fast.wistia.net
fg8vvsvnieiv3ej16jby.litix.io
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
m.addthis.com
onesignal.com
pagead2.googlesyndication.com
pipedream.wistia.com
pixel.wp.com
plugin.mediavoice.com
polarcdn-engine.com
pubads.g.doubleclick.net
s3.amazonaws.com
s7.addthis.com
secure.intermedia.com.au
securepubads.g.doubleclick.net
spatialsource.com.au
static.ads-twitter.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stats.wp.com
t.co
tpc.googlesyndication.com
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
s7.addthis.com
secure.intermedia.com.au
104.244.42.67
104.244.42.69
104.75.88.126
142.250.181.226
184.73.240.29
192.0.76.3
199.232.136.157
2.16.186.32
2.18.235.40
2001:4860:4802:32::3
2606:4700::6811:46b0
2606:4700::6811:d2cc
2606:4700::6812:14bf
2606:4700::6812:863
2606:4700::6812:e234
2606:4700::6813:d983
2a00:1450:4001:801::200a
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:810::2001
2a00:1450:4001:810::2003
2a00:1450:4001:811::2003
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c06::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:600::622
2a06:98c1:3120::7
3.217.16.251
52.217.225.120
52.64.66.132
54.86.117.43
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
052fe48add4e67ecd7d654fae1461c62d4013d0c5675b2489b4f49f524987175
06430bb701134867a9eb41cb3edef73fa1905d85ff949abaa875131f8f64370e
09e4811e5651b57616d379f099d2b11d1947ca1adda5a5d962d6e1dd2878fc29
0cdaac1951a0e3a7fc74bbf0b1fcd1fa00c40475881b3d66dec103fa62384dd8
0d0032e9daffaeccf9f8f91bc5b50e68a157a0ce26131d66569753efbe25af87
0fc29f186f4d182e930c9fafd0efcf208fe861eb87e42c0d9318981cddbb5028
106d90fc7fd9bee8a71251d6a93f013a40bdcaeffa8d94d4e0c8533eb56f918d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
130eaf99bd2cd686ff519ab908b22b9800044fc5fb3b76cb4a696569be46ea52
15a716f4a74b3ca012f631a07276f4a3a5e055dd950b5265218ba8e298b42882
15d090d3fe70263d81d9c491979be73b77bca882155b356f41b0046cbef0cba7
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
19d7f1fbc95c8496d858c64e41a84a1ed53bc6616cf0ece626312294e40d5d0f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d3bad26feedd542ebc44be5d6d9666dfe173580155fc3eaf6b4c8a5e4ac5457
1df7a24523290093157df22484dc0881a2bcf2d5f4dc38e5f4d9cbce0684be97
1f8e22239135a453a36a74b154a42d357ba2bca8f77c0ae80f94998e6fca800d
2205a2bfd1c02581de2e764c8b5a918767fec2624e4956b62934c60f43561400
25a50f8e41994e7addc8b761fd99f5f8560128909835a388edf76026c7a4c4f6
272e0ec4c6f86ff0d5570e4a630a8f3b6877c71ef921803612cdf848fdc35dc0
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7
36ac65354f43479b9ecd2d7a7bdd749962c083d5a5b3366fedd832cd31476762
3944114f9b153d0184dec74f3badca12ecd3b259be3e79b961ffa1f86f520420
3bbf75d0841a591d4333ca949030f3c0bb8e30e606844891d472f5fdd892c6ce
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42164310418466277278b10facfb6907ad7cf8b5cbce814f4893a3934bfdf459
45cafee5bc5f7f3fd827ef6cf8aceca1366ba0362bcad036a5923ce0885cfe7e
48bcd9618cf6b9f31fc4d5a30c7899c702a5fc495bd5ecdbdec56ed1b0fac6a9
4a28a8b74846e74e9f79c608e4bbdc4adaab1f0d1173587bb94bc766702b5471
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e906ebceebe6dfb08328791886fbac4df43143e7655cb17fa2cd1752b1d3966
5171bda285ef7cdcf0d8044844108116207535ed7d748532f379795161734fda
538c3c39d2dac9e28ce4ca66d174786d447dd0c8e5c95c91489a8d3a05c9ff21
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
56390f0d43e4e647f5e912867ffce3db8f51c4c49b07fa3b14ed5bd9c0df4eb7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57105f0d09b065648031b4127971f8e91e9d8c40e8a25362c36adcc2ca6000d3
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
59c9973e3e248bbca0f653164af93ccc334d8ffbf8bf34dec9e00e6557c2a318
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459
5aa600aea047cb99c7e2c22e7edaf89f0539a6772a21981636e21da89bed440a
5bcd425e8202ee7c548920cf84a921ac4fa67ef8e96ad19b5e2dc121c4468bdd
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68aa73cf6c689b757bbdb1d36e965812002725ef00acd9f73d9e874f840f1ec9
6d04ac669715cb372b2713f29164a79884cd89f884cf70a309fcf43270aeb1c0
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
6e8340e550796c39ef28a317ec8095399bbf5b24f418f01861af924598d0a3eb
705df238a5ec0beb0caf8c639555a4d32d9de27d2cd3be715f639c625f23f7d6
70a73d0e82d5aa2418bbe189542f7b563c284fa57dafecd35c2bd5e7548ce242
713c712e418fbf59710b19e918c86dfa324e2f44366f093f28aadd9174a70cb5
72c7c136c4f241536c6eb24d450dc3ad86b55c1d12be67e44546e32181d8910d
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
7536f0df059eb4232aeb10fa05bd89b6da621240062499542da570d39fb833ba
79976aaa95264ee9d558115794253d31d5b0039a0b6c6214f27188f69af0fbd6
79a3b279d98796f9747f6a38f0a2206dd502a907125cd36b4a42e259f824f138
7a3b7adae4886e2c4530adf155050650d83dcad8c604fff6c461ed211e93ec45
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7e0eeb766cafb16415d9a67beffc717f4e7045982d40f47cdcfa706b92dc27f9
81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46
8262d2ffcb082ac38f7a956d49fd4db0192e88ebd7293d166450e94ba1d852fb
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
833599771226019fe97b2000ba61fbca1fa9fcaa84ca7f00273cc3afb6052d56
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
871ce5ea68d19bfbbaf907d20ccd4a6ea7886ea2ce21e13ec2e0e2ca21475668
87b8898d71ea7db36ad425e27dd3cecf3fdc4725dc461613ba08929fd0145012
88f3468f28f8e083401ffd9987fa9ab1b895f5833a68fcb947766e614f0846bc
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8c62090711aee80ec587c2bb975540e2f4f714d9401f4d160a2f5afd7739a0b5
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
918949f9d5713f7b8184718f52e8d1d8793bfc04d794cf5f1efd18636ca08420
92b201fc6b011771c26fa0aa3640fea583ef91950ebe3e037f409d0d30d6f2e0
94f8bc1449072104bf4dbd741502c77d5f500a7a7e25f770795955b1c8c3321a
993184b823c59ac0eac1f308adb51a9337265ce81a88504af70c8aef388ac8bd
9bc1bd6d547a9e18f479347294d739b0280d672c54bf580cde0ff02cb1e491df
9c8bb0be9d12c1540f55eb74341fd4ba16db3bb4f03787e36cca877ceddae926
9d6b6fea30b0f68f0f39d25725a1efa8bd79be21b8c36c6f4e3bf9aae58045f4
9eece2a2b1198f6a3eee980b1599f892271511cbc48115bc551bd3a0a76af1ac
9fbfb347a0184695679089036a6259a3227df713a57b28a028d0139be1de7493
a02469f98260ae27494bb54f1519db7cdad053185c7cc9470af9245cff33c7e1
a02efbfef7340d1cd808b598166a53e8d82c492c81ef030ad0766efa5a7424c6
a09f977ac2bb71a7b6588853a983c9e7bf8c79f32979ad45763b41b4f84638cc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a233bef5e60a7a0412d72121709728b61f93417dcbf5ca90a646a6c07a7b6d9f
a39a0534a9b9801289f9ccf6834adcc424b6d4f74fe67731ff9ac1b2727e2e46
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a7df7e20c12498cbd8bfb050068ffb7f70a2c430997501b5b80eb688c84b63e8
a85a8c6eb0e62a088ee8a2c3022a6c9473636b9fe8d6d4e784494a92528658e2
ac108f232842ce42ad096c3dd90819156e79dfffe99ecdc4c7a80f89ba30a1c0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae45572cc4a665378e3632602bad350a8c972de66e60ad6cca7378ab4ab1b41a
aea889ab294c97ce36eef4afb0740fed9be8178898132702e2e74dddf83228b3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4ec89099e4cb0b44951c2cee2822fa3b38cab19001be8caf9c7798cc0e4969
af82ae972fd005cfb3fc6b58f8c7b58bdcb10fba9d6d4eedb54a72b4318ec798
b1167acda910481187c3e4493572f5fb91ca19452d57b8e14b43d4829783e430
b168e86b5ff646c5d056f8909b07c5d654ddbe436cf06fe21ad40dac20473025
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd9e1f6390136b9c83e656c6434f5007b910f584a7df35527fcdb1e883991282
bdfcdc59347ec3b9e38269a6a5938230d37da622d469c82142d23b6c0e422f17
c0b04ef697d6cff323e1711e53ace560b8da3f545489e5a6512a194ecf11de39
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c34e6481f3090ea7e1e027dfa872a26a4d3092f83d6bfa77fa938ad2b95b2cdd
c377ef64ffd29d200b415fcab1ff4922473c4c47daa792f4f91eae1b559135ea
c5602b2e83fb2fd5abdeca2e5d21986046ab1b399eb6a2195708ef329f7a5e7b
c6e4dd10637ea492491405e1a773e38ae8f15c21d6c5d004715f367c39e2322a
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
ceb04b0140c14c631cdb2f064681774e5c7ab98047f7cd98f9a538969755d198
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d3bfe3fb1ecd5265659a05e22af5b9ed83106bf712a9893ebc6d0ab6e5e4c23a
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df981a01695742a1661653eedb6ee05ef84c79ada6eb8a4bedbbc6a981e25005
dfbdff6c9f2de2d75edb5ae49d26a9c0af81801b17de08739e32b738ef23058e
e0d03795322f25d9d95d750676205ce90d8fdfcb245ab762b9130ba61e981545
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e96610e27e9f3cca9818d01d9f48ce2e62ad6b0c53b6fbb77b387475db96ea8e
e9ac20d6f4cb323614faff95543b7797f595b8271d442ffdd34e13c69137eb51
e9fcba14ea80a15948ec75eab4b77a7f279cd9f17975102980d27706ea0ccb86
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efaf98ce574d277d388cd1033f81152520fbb85fd4a9ab76740855179f8c6f80
f18e573334b605cc44d6fe9bd879a494be96d96e7dfdd649e7910fe87a610fac
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
f38d4330ffe732e30c4ae42b80768d734578282aaae7f6818783e234c6fcbabb
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f60d8e252239db038dc1df9d666cecc7659d9c1ea4364142d28c617a7619b73d
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f8e7798ef36d36df1886eb4900f3644d3eabd5ef406d7b6fa9b91c8da4844ec1
f9aed62523e942ff01300e2331f6b0ce030698f5a13ed3c453d89c59b2d31f9a
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf
fe832ee996a6079d3f19caf700cef24dd9e69e2a33d923e8991ad8c2f0ac24ad
fec6316e6e45e87432cfa9e4ba33f024e8f33d3de07586aa3d1853d9873824fe

52.64.66.132 Open in urlscan Pro 52.64.66.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

201 Requests

49 %HTTPS

67 %IPv6

32 Domains

46 Subdomains

40 IPs

4 Countries

4586 kBTransfer

10454 kBSize

11 Cookies

10 Outgoing links

Redirected requests

201 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

52.64.66.132 Open in urlscan Pro
52.64.66.132 Public Scan

Screenshot
Live screenshot

Full Image

201
Requests

49 %
HTTPS

67 %
IPv6

32
Domains

46
Subdomains

40
IPs

4
Countries

4586 kB
Transfer

10454 kB
Size

11
Cookies

201 HTTP transactions
5 data transactions