Submitted URL: http://gw2efficiency.com/
Effective URL: https://gw2efficiency.com/
Submission: On October 25 via api from US — Scanned from GB

Summary

This website contacted 34 IPs in 3 countries across 30 domains to perform 87 HTTP transactions. The main IP is 2606:4700:3034::ac43:ae9d, located in United States and belongs to CLOUDFLARENET, US. The main domain is gw2efficiency.com.
TLS certificate: Issued by E6 on September 9th 2024. Valid for: 3 months.
This is the only time gw2efficiency.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
3 195.201.24.68 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
6 2606:4700::68... ()
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::c 44788 (ASN-CRITE...)
3 141.95.98.65 16276 (OVH)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.223.40.198 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 108.138.6.136 16509 (AMAZON-02)
2 35.244.144.25 396982 (GOOGLE-CL...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.181.230 15169 (GOOGLE)
1 162.19.138.83 16276 (OVH)
2 130.211.23.194 396982 (GOOGLE-CL...)
1 18.245.31.123 16509 (AMAZON-02)
1 18.244.15.236 16509 (AMAZON-02)
1 23.215.23.172 16625 (AKAMAI-AS)
1 2a02:2638:3::3 ()
1 34.98.64.218 ()
1 104.18.38.76 ()
1 76.223.111.18 ()
1 184.30.22.30 ()
1 23.35.236.201 ()
87 34
Apex Domain
Subdomains
Transfer
21 gw2efficiency.com
gw2efficiency.com
api.gw2efficiency.com
edge.gw2efficiency.com
2 MB
8 nitropay.com
s.nitropay.com — Cisco Umbrella Rank: 19339
tracker.nitropay.com — Cisco Umbrella Rank: 19216
257 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 345
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 651
aax.amazon-adsystem.com — Cisco Umbrella Rank: 457
85 KB
5 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 522
cdn.id5-sync.com — Cisco Umbrella Rank: 994
55 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
ad.doubleclick.net — Cisco Umbrella Rank: 150
182 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 883
api.btloader.com — Cisco Umbrella Rank: 1013
31 KB
3 gstatic.com
fonts.gstatic.com
108 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 904
1 KB
2 nitrocnct.com
consent.nitrocnct.com — Cisco Umbrella Rank: 23591
117 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
bidder.criteo.com Failed
376 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
180 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
3 KB
1 indexww.com
js-sec.indexww.com
1 criteo.net
static.criteo.net
31 KB
1 rubiconproject.com
prebid-server.rubiconproject.com Failed
fastlane.rubiconproject.com Failed
eus.rubiconproject.com
1 3lift.com
tlx.3lift.com Failed
eb2.3lift.com
1 openx.net
rtb.openx.net Failed
u.openx.net
1 pubmatic.com
hbopenbid.pubmatic.com Failed
ads.pubmatic.com
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1096
17 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 917
289 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 373
423 B
1 ravenjs.com
cdn.ravenjs.com — Cisco Umbrella Rank: 11041
14 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1113
7 KB
0 casalemedia.com Failed
htlb.casalemedia.com Failed
0 sharethrough.com Failed
btlr.sharethrough.com Failed
0 adnxs-simple.com Failed
ib.adnxs-simple.com Failed
0 lijit.com Failed
ap.lijit.com Failed
0 ad.gt Failed
id.hadron.ad.gt Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
87 30
Domain Requested by
17 gw2efficiency.com gw2efficiency.com
6 s.nitropay.com gw2efficiency.com
s.nitropay.com
3 c.amazon-adsystem.com s.nitropay.com
c.amazon-adsystem.com
3 id5-sync.com s.nitropay.com
cdn.id5-sync.com
3 fonts.gstatic.com fonts.googleapis.com
3 api.gw2efficiency.com gw2efficiency.com
2 api.btloader.com btloader.com
2 ad-delivery.net gw2efficiency.com
2 consent.nitrocnct.com s.nitropay.com
2 tracker.nitropay.com s.nitropay.com
2 securepubads.g.doubleclick.net s.nitropay.com
2 cdn.id5-sync.com s.nitropay.com
2 gum.criteo.com s.nitropay.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com gw2efficiency.com
www.googletagmanager.com
2 fonts.googleapis.com gw2efficiency.com
1 ads.pubmatic.com s.nitropay.com
1 eus.rubiconproject.com s.nitropay.com
1 eb2.3lift.com s.nitropay.com
1 js-sec.indexww.com s.nitropay.com
1 u.openx.net s.nitropay.com
1 static.criteo.net s.nitropay.com
1 secure.cdn.fastclick.net s.nitropay.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com s.nitropay.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 ad.doubleclick.net gw2efficiency.com
1 btloader.com s.nitropay.com
1 match.adsrvr.org s.nitropay.com
1 edge.gw2efficiency.com gw2efficiency.com
1 cdn.ravenjs.com gw2efficiency.com
1 maxcdn.bootstrapcdn.com gw2efficiency.com
0 htlb.casalemedia.com Failed s.nitropay.com
0 btlr.sharethrough.com Failed s.nitropay.com
0 fastlane.rubiconproject.com Failed s.nitropay.com
0 prebid-server.rubiconproject.com Failed s.nitropay.com
0 bidder.criteo.com Failed s.nitropay.com
0 ib.adnxs-simple.com Failed s.nitropay.com
0 tlx.3lift.com Failed s.nitropay.com
0 rtb.openx.net Failed s.nitropay.com
0 ap.lijit.com Failed s.nitropay.com
0 hbopenbid.pubmatic.com Failed s.nitropay.com
0 id.hadron.ad.gt Failed s.nitropay.com
0 api.rlcdn.com Failed s.nitropay.com
87 45
Subject Issuer Validity Valid
gw2efficiency.com
E6
2024-09-09 -
2024-12-08
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
bootstrapcdn.com
WE1
2024-09-20 -
2024-12-19
3 months crt.sh
cdn.ravenjs.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-03-06 -
2025-04-07
a year crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
api.gw2efficiency.com
E5
2024-09-01 -
2024-11-30
3 months crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
nitropay.com
WE1
2024-09-09 -
2024-12-08
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-24 -
2024-12-25
3 months crt.sh
*.id5-sync.com
E5
2024-09-01 -
2024-11-30
3 months crt.sh
id5-sync.com
WE1
2024-09-30 -
2024-12-29
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
btloader.com
WE1
2024-10-08 -
2025-01-06
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
*.nitropay.com
WR3
2024-09-30 -
2024-12-29
3 months crt.sh
nitrocnct.com
WE1
2024-10-14 -
2025-01-12
3 months crt.sh
ad-delivery.net
WE1
2024-09-12 -
2024-12-11
3 months crt.sh
*.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.eu-1-id5-sync.com
R10
2024-09-01 -
2024-11-30
3 months crt.sh
api.btloader.com
WR3
2024-10-01 -
2024-12-30
3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03
2024-03-29 -
2025-04-28
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2024-08-07 -
2025-08-07
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-24 -
2024-12-21
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2024-08-14 -
2025-08-18
a year crt.sh
indexww.com
WE1
2024-10-01 -
2024-12-31
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2024-03-13 -
2025-04-11
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-26 -
2024-11-26
a year crt.sh

This page contains 6 frames:

Primary Page: https://gw2efficiency.com/
Frame ID: 66F98FB3744873F91B3BA642B18D8F62
Requests: 81 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=CQHDLsAQHDLsADyvSAENBLFAAAAAAAAAAAwIAAAAAAAA.IAAA&us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: A335608215DB3BD47B6ABF4362338C21
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0CB56DD9D8FC0072071378C88A87FC90
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=CQHDLsAQHDLsADyvSAENBLFAAAAAAAAAAAwIAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&
Frame ID: 168373F072576AFFA93CFC891D646583
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CQHDLsAQHDLsADyvSAENBLFAAAAAAAAAAAwIAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2
Frame ID: 1D8FF811FD61D9D0608E4EED1CD10710
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=1&gdpr_consent=CQHDLsAQHDLsADyvSAENBLFAAAAAAAAAAAwIAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2
Frame ID: 8583BBF408A7A88854809F4398BBA283
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

gw2efficiency

Page URL History Show full URLs

  1. http://gw2efficiency.com/ HTTP 307
    https://gw2efficiency.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

87
Requests

84 %
HTTPS

52 %
IPv6

30
Domains

45
Subdomains

34
IPs

3
Countries

2867 kB
Transfer

8599 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gw2efficiency.com/ HTTP 307
    https://gw2efficiency.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

87 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gw2efficiency.com/
Redirect Chain
  • http://gw2efficiency.com/
  • https://gw2efficiency.com/
34 KB
6 KB
Document
General
Full URL
https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81af35c3bdc5f142b946b19b940ee80d1f644e2fdab4e455075910872b7a771
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d7fc0167c6b7791-LHR
content-encoding
br
content-type
text/html
date
Fri, 25 Oct 2024 05:19:12 GMT
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vg1dCvoFL%2BQuJOnw0DxwByC0xL4fsigp7mmRpe4i279MRRgtjxjF8yO50r8PBZFlx4hhS9uiADPKrs1QHQRNJ80c4R0BSqUxAOB7kYbTvXPofc0X1oegRebZ9hP3L50AvIjJ1XMn1gpSiE4lcaPvCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=26388&sent=13&recv=9&lost=0&retrans=0&sent_bytes=4115&recv_bytes=3199&delivery_rate=20448&cwnd=12000&unsent_bytes=0&cid=2ec507134aad4993&ts=331&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://gw2efficiency.com/
Non-Authoritative-Reason
HSTS
css
fonts.googleapis.com/
25 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Serif:400,700|Open+Sans:300,400,600,700
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
daa14062cd460d31208914c3aa77bcb50201b4bb0aeeed9cda46773456deb2dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 25 Oct 2024 05:19:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:19:12 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 25 Oct 2024 05:19:12 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"269550530cc127b6aa5a35925a7de6ce"
age
186458
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Oct 2024 05:19:12 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
10/17/2024 22:45:09
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
1769b3ee10e02fba5c9a8188f38eacc1
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8d7fc0198a6f9415-LHR
access-control-allow-origin
*
cdn-edgestorageid
1078
server
cloudflare
cdn-requestcountrycode
DE
framework.css
gw2efficiency.com/
116 KB
13 KB
Stylesheet
General
Full URL
https://gw2efficiency.com/framework.css?cb=1729656706
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4961d651f64e945358e898b3c31aecf791a1cd72e0af585d7005a37b2d42a12d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67187782-1ce6a"
age
1309
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80QfVfaTFSWzEQ1%2BKAlFzVD2j1SGbbPNV%2BeztabZ3Cq2GWl8ksjmIpZiXUWI2jNngZvVqz5nej9cjY3Kngx%2FNuAzl7uXU1pdQ1wWOOuMpsstqVawa7PX2%2FYl9Ak8VT6%2BWuiTqMUHFcf8362m2ds6ww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27020&sent=21&recv=17&lost=0&retrans=0&sent_bytes=9997&recv_bytes=4669&delivery_rate=97844&cwnd=12000&unsent_bytes=0&cid=2ec507134aad4993&ts=527&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:19:12 GMT
content-type
text/css
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc0182e9e7791-LHR
server
cloudflare
legacy-styles.css
gw2efficiency.com/
299 KB
44 KB
Stylesheet
General
Full URL
https://gw2efficiency.com/legacy-styles.css?cb=1729656706
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b29ef4fb06a7b687ee6366036dce4cb349e00fa4bb1c82ac0c0434fb3f4eec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67187782-4aace"
age
1309
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9t6fbudgGdKyyjAElGiDeSE%2F%2Fdg6GXXnrcr9y88J8wl7mYyS3gQGcZBwRrQAk3w5%2BAaNPUEpWKZ7OCfEcnu6V7%2FaPmI%2BwW2DbpOM1WThG806sSYyklb0zrUy4ccEqbcanm5j8uZjAZjqVs0RgGJOBg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27020&sent=32&recv=18&lost=0&retrans=0&sent_bytes=22020&recv_bytes=5019&delivery_rate=97844&cwnd=12000&unsent_bytes=0&cid=2ec507134aad4993&ts=528&x=1", cfExtPri, cfHdrFlush;dur=30
date
Fri, 25 Oct 2024 05:19:12 GMT
content-type
text/css
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc0182ea07791-LHR
server
cloudflare
raven.min.js
cdn.ravenjs.com/3.26.4/
37 KB
14 KB
Script
General
Full URL
https://cdn.ravenjs.com/3.26.4/raven.min.js
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3b6205206b5c515bb685b81ad82ecedf1264a0f1b6b0a99b2d89ce18fe30bc5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://gw2efficiency.com
Referer
https://gw2efficiency.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
content-encoding
gzip
etag
"e7a52e3ca61154fb6077ca08d351e3e3"
age
73964
accept-ranges
bytes
access-control-allow-origin
*
content-length
13757
date
Fri, 25 Oct 2024 05:19:12 GMT
last-modified
Fri, 20 Jul 2018 09:10:03 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Fastly
application.js
gw2efficiency.com/scripts/
3 MB
906 KB
Script
General
Full URL
https://gw2efficiency.com/scripts/application.js?cb=1729656706
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e41ed2625b8c026506d6e11a13ca7eb37f8557d252c3b6a58c1f96cee862cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67187782-34f1f4"
age
1309
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UemTN5nfwtTFmyEcTRLjhnvPIlW0h17Nsh3GfEM7jvo%2BL0EZrqq%2BMOgk8jQEdcm5n8kf4AhIxMwwE5BOXNxYxhOKMCKCUscq9fPHWWxwLcbNPMcHHWeUgmpPb%2BkbebSmdBLzhqunQkkgxQbOqbvaUg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27020&sent=32&recv=18&lost=0&retrans=0&sent_bytes=22020&recv_bytes=5019&delivery_rate=97844&cwnd=12000&unsent_bytes=0&cid=2ec507134aad4993&ts=534&x=1", cfExtPri, cfHdrFlush;dur=25
date
Fri, 25 Oct 2024 05:19:12 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc0183ead7791-LHR
server
cloudflare
logo.png
gw2efficiency.com/assets/
37 KB
38 KB
Image
General
Full URL
https://gw2efficiency.com/assets/logo.png
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60cb8aa3bc65fdd8560e5802d654547bac6c72ff751fe7324b25f04c8aa5c1be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cf-cache-status
HIT
etag
"67187782-9419"
age
2647
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=12SM2BCPJerRH2XF92MmG2qNTodY1MuNW2jOFn0hZ3TiUHVqgRXPM%2BTQjQjFTRlesS8Y720xeh%2FbVFArgSLszN9yw%2FlsBIH3%2FJq1rBlwVuJM5GV5kRtnthuYykfwjWOJcP2ADM5v7aDUYZJRxtaa8A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27020&sent=32&recv=18&lost=0&retrans=0&sent_bytes=22020&recv_bytes=5019&delivery_rate=97844&cwnd=12000&unsent_bytes=0&cid=2ec507134aad4993&ts=537&x=1", cfExtPri, cfHdrFlush;dur=22
date
Fri, 25 Oct 2024 05:19:12 GMT
content-type
image/png
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc0183eb17791-LHR
accept-ranges
bytes
content-length
37913
server
cloudflare
disco.gif
gw2efficiency.com/assets/
8 KB
9 KB
Image
General
Full URL
https://gw2efficiency.com/assets/disco.gif
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1743652b65bd548f60465470a526909f9e3643a04e2f9b9d5dfcd509aff1d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cf-cache-status
HIT
etag
"67187782-204f"
age
7127
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2FgUYqu1Byek7%2B1wyGQ8zN%2F%2FBpgw9rqdCb6NAlUu7mRLI47EFBzYTC%2B2KIa2BPFo8Me1I8f9E5dvzbOgEKmUaieZ60%2FriCSW2wfyTnjYnD7uhK5SVw2LGECG%2BZgI33Zw27037tDdjDegQkHfYXfNOw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27020&sent=32&recv=18&lost=0&retrans=0&sent_bytes=22020&recv_bytes=5019&delivery_rate=97844&cwnd=12000&unsent_bytes=0&cid=2ec507134aad4993&ts=537&x=1", cfExtPri, cfHdrFlush;dur=22
date
Fri, 25 Oct 2024 05:19:12 GMT
content-type
image/gif
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc0183eb67791-LHR
accept-ranges
bytes
content-length
8271
server
cloudflare
js
www.googletagmanager.com/gtag/
309 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E2Z6ZDENC7
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e1c34be182bbbf3fb984142b8a4e6ad6f9419442cae949d67673111eed3fcb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 25 Oct 2024 05:19:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:19:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106993
x-xss-protection
0
server
Google Tag Manager
css
fonts.googleapis.com/
3 KB
646 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Serif:400,700
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/framework.css?cb=1729656706
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7994deac4364b16780c159cabb10947c23633c56cea926673c1ed9ae0ae6bed8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 25 Oct 2024 05:19:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:19:13 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 25 Oct 2024 04:45:37 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
disco.gif
gw2efficiency.com/assets/
8 KB
0
Image
General
Full URL
https://gw2efficiency.com/assets/disco.gif
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1743652b65bd548f60465470a526909f9e3643a04e2f9b9d5dfcd509aff1d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cf-cache-status
HIT
etag
"67187782-204f"
age
7127
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2FgUYqu1Byek7%2B1wyGQ8zN%2F%2FBpgw9rqdCb6NAlUu7mRLI47EFBzYTC%2B2KIa2BPFo8Me1I8f9E5dvzbOgEKmUaieZ60%2FriCSW2wfyTnjYnD7uhK5SVw2LGECG%2BZgI33Zw27037tDdjDegQkHfYXfNOw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27020&sent=32&recv=18&lost=0&retrans=0&sent_bytes=22020&recv_bytes=5019&delivery_rate=97844&cwnd=12000&unsent_bytes=0&cid=2ec507134aad4993&ts=537&x=1", cfExtPri, cfHdrFlush;dur=22
date
Fri, 25 Oct 2024 05:19:12 GMT
content-type
image/gif
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=2,i
x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc0183eb67791-LHR
accept-ranges
bytes
content-length
8271
server
cloudflare
status
api.gw2efficiency.com/user/
222 B
674 B
XHR
General
Full URL
https://api.gw2efficiency.com/user/status?v=2021-07-24T00%3A00%3A00Z
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/scripts/application.js?cb=1729656706
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.24.68 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.68.24.201.195.clients.your-server.de
Software
/ Express
Resource Hash
48b0a42cf783da9f0d3f7dba95a811fe2f58cfe7b5a7d99ab0e82a5357d4c200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
X-Page-Size,X-Page-Total,X-Result-Count,X-Result-Total,X-Edge-Cache-Allowed
content-encoding
gzip
etag
W/"de-T6lMErvyvkudwLoAmpFIn9Co9CI"
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://gw2efficiency.com
content-length
184
date
Fri, 25 Oct 2024 05:19:16 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-powered-by
Express
x-frame-options
DENY
sprite-0dfc990a9c532ce6d33d1a16269a0905e6603b98.png
gw2efficiency.com/assets/
521 KB
522 KB
Image
General
Full URL
https://gw2efficiency.com/assets/sprite-0dfc990a9c532ce6d33d1a16269a0905e6603b98.png
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/legacy-styles.css?cb=1729656706
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
942f8186f8dd64902f7b1f19eb3d330e9651544cff0d1e28409681801bb124ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/legacy-styles.css?cb=1729656706

Response headers

cf-cache-status
HIT
etag
"67187782-824e3"
age
7129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbzLNoaSeBBcBqp0h0jLtNRZVwAWZwW6tv5Xsdd6iS6aEDpj0MtlciDixJ70IrA1kv6dXL3fwmS3GfMW6DB9GQ3Llsg7JS1ujIDn5lQ1LDOyTY6Z8rSswHD7K9D03aE%2B78RuIeDWSJnCuCOZeQSxrw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=54893&sent=1056&recv=163&lost=136&retrans=136&sent_bytes=1228059&recv_bytes=12088&delivery_rate=740476&cwnd=201831&unsent_bytes=0&cid=2ec507134aad4993&ts=3701&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:19:15 GMT
content-type
image/png
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc02bf8677791-LHR
accept-ranges
bytes
content-length
533731
server
cloudflare
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|Open+Sans:300,400,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://gw2efficiency.com
Referer
https://fonts.googleapis.com/

Response headers

age
285593
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 21 Oct 2025 21:59:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 21:59:23 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|Open+Sans:300,400,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://gw2efficiency.com
Referer
https://fonts.googleapis.com/

Response headers

age
219365
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:23:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:23:11 GMT
last-modified
Tue, 02 May 2023 15:28:35 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
29588
x-xss-protection
0
server
sffe
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|Open+Sans:300,400,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://gw2efficiency.com
Referer
https://fonts.googleapis.com/

Response headers

age
218741
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:33:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:33:35 GMT
last-modified
Tue, 02 May 2023 15:52:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33116
x-xss-protection
0
server
sffe
errorSplash.html
gw2efficiency.com/views/_directives/
2 KB
1 KB
XHR
General
Full URL
https://gw2efficiency.com/views/_directives/errorSplash.html
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/scripts/application.js?cb=1729656706
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2461c657d92029c758cbdaddd4d6cf3d1720e5386efddc0d5875eaba6971c0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://gw2efficiency.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U5iwXT4RA95l2ElkxcbMEQO%2FLMqiMwoxxXMoQb0S4ijawsJ3%2BCu6IZ5Qud22%2BxU%2Fm9YT0184JdO%2BbJg7GayQC15rTNoZDpwYtk7XqdBCLRZFAM9Zo%2FWDtOr4UhBMYpfVuVs9cKY9VrTYNCqE8gNGiA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30662&sent=1552&recv=223&lost=169&retrans=169&sent_bytes=1813315&recv_bytes=15327&delivery_rate=3418464&cwnd=228711&unsent_bytes=0&cid=2ec507134aad4993&ts=3984&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:19:16 GMT
content-type
text/html
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=1,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc02da99b7791-LHR
server
cloudflare
index.html
gw2efficiency.com/views/Dashboard/
7 KB
2 KB
XHR
General
Full URL
https://gw2efficiency.com/views/Dashboard/index.html
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/scripts/application.js?cb=1729656706
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911a3e38db7de24a5e5ff3f78851076bc321f3c12e5e5034de0e80273a6548de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://gw2efficiency.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FvJmYRFXBFUdSRW34omCCSAoWRdeKT7xxqutE%2BT7oeiRG4flwUCvGe5ep66w1xPRr59or2kosRRBR7RIM87SCaLddppMLuojyLEAWWv%2BxadzHUV%2BzlPaGR2S7ufrNdhipGJfBRec1fr9RbcT4kBkyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30370&sent=1556&recv=225&lost=169&retrans=169&sent_bytes=1814651&recv_bytes=15704&delivery_rate=17123&cwnd=228711&unsent_bytes=0&cid=2ec507134aad4993&ts=4061&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:19:16 GMT
content-type
text/html
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=1,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc02e19f07791-LHR
server
cloudflare
js
www.googletagmanager.com/gtag/
207 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-49743502-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E2Z6ZDENC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2847acd0dcff8bb875c7fb3ca41197363dbf4285e1088650d04e29e0ccef5329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 25 Oct 2024 05:19:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:19:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Oct 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
76321
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-E2Z6ZDENC7&gtm=45je4al0v874902909za200&_p=1729833555455&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101686685~101823848&cid=2142357744.1729833556&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729833556&sct=1&seg=0&dl=https%3A%2F%2Fgw2efficiency.com%2F&dt=gw2efficiency&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4399
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E2Z6ZDENC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gw2efficiency.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:19:16 GMT
content-type
text/plain
server
Golfe2
partner-normal.png
gw2efficiency.com/assets/
12 KB
13 KB
Image
General
Full URL
https://gw2efficiency.com/assets/partner-normal.png
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aea401544bffb17cb79d9f2f6b31ba1e7aaba038cbb64c91e1446eec9084646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cf-cache-status
HIT
etag
"67187782-314c"
age
4904
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gUOdX4ByEdUzXGf4gZfNbKhv3zDF1YbV7SQwVDAfywV6Zk06p7%2FXf%2FHtuVKpF7Gx3RGDbtqcwvXnrL4xTsfUjUzB3w4fVwAxtYv1wikIpcInpg10QZZmBhH6u95F73%2BsMX%2B2dyjUUebXy4898Ll2zw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32964&sent=1563&recv=229&lost=169&retrans=170&sent_bytes=1818407&recv_bytes=16622&delivery_rate=287&cwnd=228711&unsent_bytes=0&cid=2ec507134aad4993&ts=4382&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:19:16 GMT
content-type
image/png
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc0304bae7791-LHR
accept-ranges
bytes
content-length
12620
server
cloudflare
partner-nightmode.png
gw2efficiency.com/assets/
10 KB
10 KB
Image
General
Full URL
https://gw2efficiency.com/assets/partner-nightmode.png
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47973eaf5d0fef2a23688d63e416291c7f19b2f63d6fb01c1c69eaee2c226478
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cf-cache-status
HIT
etag
"67187782-26ec"
age
4904
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qHP9r1E3L2LyUyNR1miS7Fp7V%2BIZLe%2BtDSSMsDG2hKFGkKuBuRXiYs7co%2FE%2FbxKssP9vIScZCwEfGJOIgZkOPFSeKRA1YPwSNOvrPi%2BVn5vVJ8FDb8zuZuER8pdQS9eUBf1MJB%2F6LOFKGd4BAfCQig%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32964&sent=1575&recv=229&lost=169&retrans=170&sent_bytes=1832026&recv_bytes=16622&delivery_rate=287&cwnd=228711&unsent_bytes=0&cid=2ec507134aad4993&ts=4382&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:19:16 GMT
content-type
image/png
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc0304bb07791-LHR
accept-ranges
bytes
content-length
9964
server
cloudflare
api-key-missing.png
gw2efficiency.com/assets/errors/
53 KB
54 KB
Image
General
Full URL
https://gw2efficiency.com/assets/errors/api-key-missing.png
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58cf028702c2d57ac0b16271ee97450d2de8d0fca2652fa1251562a410d18942
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cf-cache-status
HIT
etag
"67187782-d446"
age
7129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G6iEK09HAcT8AOFLNquDz4Daf6HNuqIT11h2Asja0Vo1AbiOlO1no2KU7OPsNOUJ43Hp0%2BYQHzHNIgfYPaz%2BCmKrVCaxMVnZiAp5q0CBxVSC7mFHDykgrnp2LOZctqHOZAcQeDT1%2BH3ytkZrKTRsUA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41724&sent=1586&recv=232&lost=169&retrans=170&sent_bytes=1842968&recv_bytes=17129&delivery_rate=299164&cwnd=228711&unsent_bytes=0&cid=2ec507134aad4993&ts=4492&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:19:16 GMT
content-type
image/png
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc030fc5e7791-LHR
accept-ranges
bytes
content-length
54342
server
cloudflare
api-key-invalid.png
gw2efficiency.com/assets/errors/
42 KB
42 KB
Image
General
Full URL
https://gw2efficiency.com/assets/errors/api-key-invalid.png
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945493a45f71e1c4947067f5f5d19eecadcb62b653fb6df5d17fd8659bb30656
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cf-cache-status
HIT
etag
"67187782-a6dc"
age
4606
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sXGOzq4hnz%2BDaJ0fo4d9hQfCQf4g37IpSMlTSLo1dFh%2F4Hjil0kUCBOBxUFYZMPFKmS743YjmCSVx%2F8ZjGtC%2Bh6DuHUx9fXG%2F%2F6xndLNgn6n5EOeJf0MlOj4aA5GeHuGJucyADSZqGzbLwdKqOd9yA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41724&sent=1634&recv=234&lost=169&retrans=170&sent_bytes=1899244&recv_bytes=17963&delivery_rate=299164&cwnd=228711&unsent_bytes=0&cid=2ec507134aad4993&ts=4509&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:19:16 GMT
content-type
image/png
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc0310c7b7791-LHR
accept-ranges
bytes
content-length
42716
server
cloudflare
api-error.png
gw2efficiency.com/assets/errors/
52 KB
53 KB
Image
General
Full URL
https://gw2efficiency.com/assets/errors/api-error.png
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d45c46ce40762e9e8ca9b3beb6dc302ba333eabb4c9ee32fdca4759794b862a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cf-cache-status
HIT
etag
"67187782-d14d"
age
7129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BPZJTUraCStMdzDT0wrRHPSlZ80CXo1CEDsMbCrYKQVWf9d4LnyHdnGEjQzeUw0zQDlx8luGFmPWcj7J3wzkC0%2BPgfO%2BcedVSOYXBE0CAVESJmw%2F9owLvasfzrAkhAWCP6jsHwZTerKaNU57%2BwXJA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41724&sent=1671&recv=234&lost=169&retrans=170&sent_bytes=1943615&recv_bytes=17963&delivery_rate=299164&cwnd=228711&unsent_bytes=0&cid=2ec507134aad4993&ts=4514&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:19:16 GMT
content-type
image/png
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc0310c7e7791-LHR
accept-ranges
bytes
content-length
53581
server
cloudflare
changelog
edge.gw2efficiency.com/data/
216 KB
39 KB
XHR
General
Full URL
https://edge.gw2efficiency.com/data/changelog?v=2021-07-24T00%3A00%3A00Z
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/scripts/application.js?cb=1729656706
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c8338823decc19c3fae13c2acf24ab7c02a991c156439332c195824dba6f2c9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

access-control-expose-headers
X-Page-Size,X-Page-Total,X-Result-Count,X-Result-Total,X-Edge-Cache-Allowed
content-encoding
br
cf-cache-status
HIT
etag
W/"35e33-uX4fpFyKU/oLiiFHTngJJmsQZoQ"
age
1025
x-edge-cache-allowed
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BgyxCJJu13ID2bcg2IlsQSUXRwQ2Y1JU7k9uzRCslnCNrASjyl8xlrtvKOUDrVcesijGyuub3yitEw313X2lMwj07GbFv3G%2FE5yvatqOuufqYmCz%2BkDYxSYyrp2DRNZB9v6M11ELB04h5yWn2KBRxxvi1i63"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=7680&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3970&recv_bytes=2335&delivery_rate=1230398&cwnd=255&unsent_bytes=0&cid=9352045ef520d117&ts=151&x=0"
date
Fri, 25 Oct 2024 05:19:17 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-epc-version
11
x-epc-date
2024-10-25T04:52:20.220Z
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8d7fc0343b16bd7d-LHR
access-control-allow-origin
*
x-epc-source
CACHE
x-powered-by
Express
server
cloudflare
key-value-store
api.gw2efficiency.com/user/
222 B
218 B
Fetch
General
Full URL
https://api.gw2efficiency.com/user/key-value-store?key=api_key_names
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/scripts/application.js?cb=1729656706
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.24.68 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.68.24.201.195.clients.your-server.de
Software
/ Express
Resource Hash
48b0a42cf783da9f0d3f7dba95a811fe2f58cfe7b5a7d99ab0e82a5357d4c200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
X-Page-Size,X-Page-Total,X-Result-Count,X-Result-Total,X-Edge-Cache-Allowed
content-encoding
gzip
etag
W/"de-T6lMErvyvkudwLoAmpFIn9Co9CI"
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://gw2efficiency.com
content-length
184
date
Fri, 25 Oct 2024 05:19:16 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-powered-by
Express
x-frame-options
DENY
key-value-store
api.gw2efficiency.com/user/
222 B
374 B
Fetch
General
Full URL
https://api.gw2efficiency.com/user/key-value-store?key=api_key_names
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/scripts/application.js?cb=1729656706
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.201.24.68 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.68.24.201.195.clients.your-server.de
Software
/ Express
Resource Hash
48b0a42cf783da9f0d3f7dba95a811fe2f58cfe7b5a7d99ab0e82a5357d4c200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
X-Page-Size,X-Page-Total,X-Result-Count,X-Result-Total,X-Edge-Cache-Allowed
content-encoding
gzip
etag
W/"de-T6lMErvyvkudwLoAmpFIn9Co9CI"
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://gw2efficiency.com
content-length
184
date
Fri, 25 Oct 2024 05:19:17 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-powered-by
Express
x-frame-options
DENY
ads-1722.js
s.nitropay.com/
635 KB
199 KB
Script
General
Full URL
https://s.nitropay.com/ads-1722.js
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/scripts/application.js?cb=1729656706
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e95cc82e6dfcf40bfd884871e5bac3ab4f38883fcc576e348ff26a177fdc63c1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-meta-goog-reserved-file-mtime
1728508799
x-goog-hash
crc32c=W124zw==, md5=Ka96QQNcjweC7/Frl3y1Ow==
cf-cache-status
HIT
etag
W/"29af7a41035c8f0782eff16b977cb53b:1729802815000:GB"
age
30626
content-encoding
gzip
x-goog-stored-content-encoding
identity
expires
Fri, 24 Oct 2025 20:48:13 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
645774
date
Fri, 25 Oct 2024 05:19:17 GMT
content-type
text/javascript
last-modified
Thu, 24 Oct 2024 20:46:55 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY1puMkztUBrOKxxrJHlr-PbKq8TnmImYyF6ozq7h9TBhFM0uxUOzuRLD0MYMhIBX7y_oY_T7Fbd9g
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
private, max-age=600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d7fc0346d2c7732-LHR
access-control-allow-origin
*
x-goog-generation
1728509215200400
server
cloudflare
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49743502-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

content-encoding
gzip
age
6783
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 25 Oct 2024 05:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 03:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
json
gum.criteo.com/sid/
2 B
376 B
Fetch
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgw2efficiency.com%2F&domain=gw2efficiency.com&cw=1&lsw=1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://gw2efficiency.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
214181
expires
0
access-control-allow-origin
https://gw2efficiency.com
date
Fri, 25 Oct 2024 05:19:21 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
prebid
id5-sync.com/api/config/
194 B
666 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
b0ac7f46536b9c97219b1e67bcb29296ca1978b8a36a1043fa60d87821af7940
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gw2efficiency.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://gw2efficiency.com
p3p
CP="CAO PSA OUR"
date
Fri, 25 Oct 2024 05:19:21 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id5PrebidModule.js
cdn.id5-sync.com/api/1.0/
85 KB
25 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dbe8d493116cb05b01e50061834d1958a4691346e6b47e8cff744b5d13bda04
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

x-amz-id-2
z3/ZnMRw5lhKkDqboTNoKYZRPp9pMUT6nQkSQoh+5iVUuG4ohmIahH+FHu79cJ4rLZS7ldncqjA=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"d0899090b55b0be5713c0fc28ea471c6"
age
2301
x-amz-request-id
9GPN77N8WGZ1M51G
cf-ray
8d7fc04e78646511-LHR
date
Fri, 25 Oct 2024 05:19:21 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 02 Oct 2024 12:26:13 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
envelope
api.rlcdn.com/api/identity/
0
0

rid
match.adsrvr.org/track/
63 B
423 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=aqo03op&fmt=json
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
1bb42fd09eef91fa3c4c3178da1629453f20632decc9a010ec69051f9904d695

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://gw2efficiency.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Sun, 24 Nov 2024 05:19:21 GMT
access-control-allow-origin
https://gw2efficiency.com
date
Fri, 25 Oct 2024 05:19:21 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
tag
btloader.com/
106 KB
30 KB
Script
General
Full URL
https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4f638a12bb433de8a12c744ae820c4d518768412a202c4b95f02cbfff85549b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"e9f1f89e4410b757fdd8aa12f987a47b"
age
2978
via
1.1 google
cf-ray
8d7fc04f5b7563a8-LHR
accept-ranges
bytes
content-length
30800
date
Fri, 25 Oct 2024 05:19:21 GMT
content-type
application/javascript
last-modified
Fri, 25 Oct 2024 04:29:25 GMT
vary
Origin, Accept-Encoding
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/
105 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1f7dc95ea8c52d136d3bf1305c1e3a163d40cf73ad43956630b16f4193947be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

content-encoding
br
etag
921 / 20021 / m202410210101 / config-hash: 14888303419319818751
x-content-type-options
nosniff
expires
Fri, 25 Oct 2024 05:19:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 25 Oct 2024 05:19:21 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33607
x-xss-protection
0
server
cafe
gpp-411a3ae.min.js
s.nitropay.com/
266 KB
50 KB
Script
General
Full URL
https://s.nitropay.com/gpp-411a3ae.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cb989c9901f49eb007990fe871851f7533e55343b8be10fd7b93c3c4e447a139
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=Gpahig==, md5=nKhTnNI4uIFTUedbACfPRA==
cf-cache-status
HIT
etag
W/"9ca8539cd238b8815351e75b0027cf44"
age
122518
content-encoding
gzip
x-goog-stored-content-encoding
identity
expires
Wed, 23 Oct 2024 21:30:24 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
272066
date
Fri, 25 Oct 2024 05:19:19 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 16:17:14 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3QvVNEkM73u6gtqzgEbD_cDu9ARvxatCRpYzNXR0Qyupp8DdtueW7EklKHTZ9SIk12mEKw_655Eg
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=604800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d7fc04468577732-LHR
access-control-allow-origin
*
x-goog-generation
1727799434394980
server
cloudflare
apstag.js
c.amazon-adsystem.com/aax2/
324 KB
80 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d74e13622b2936b0395e33581297ab1b1600dd8b6b8c02a0fd292780d6c7a35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"b3da0d59872bd7a86984a426ca256adc"
age
56
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
S2wJvcCe4a7F4Bx7eozLfj0lJLFaDj1gng1ZJh51vE0QEY23uS4hdg==
date
Fri, 25 Oct 2024 05:18:26 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 15:05:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
x-amz-server-side-encryption
AES256
1722
tracker.nitropay.com/a/
0
0
Fetch
General
Full URL
https://tracker.nitropay.com/a/1722?d=eyJocmVmIjoiaHR0cHM6Ly9ndzJlZmZpY2llbmN5LmNvbS8iLCJ2Ijo5NiwiYSI6ZmFsc2UsInMiOnRydWUsImMiOiJHQiIsInIiOiJFTkcifQ%3D%3D
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.27.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:19:21 GMT
server
nginx/1.27.0
1.gif
s.nitropay.com/
42 B
621 B
Image
General
Full URL
https://s.nitropay.com/1.gif?x=1&adslot=
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

x-goog-metageneration
3
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
cf-cache-status
HIT
etag
"d89746888da2d9510b64a9f031eaecd5"
age
201154
x-goog-stored-content-encoding
identity
expires
Mon, 28 Oct 2024 23:06:38 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
42
date
Fri, 25 Oct 2024 05:19:20 GMT
x-goog-custom-time
1970-01-01T00:00:00Z
content-type
image/gif
last-modified
Fri, 22 Jan 2021 08:58:45 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0cykztlgOMya9O8ltdeLO1MEhPbax1xNehY9gNoRtDndNmev2wG4XTzKIcEa9XdEzGLcDvYe9WGw
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=604800
x-goog-meta-
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d7fc0481afa7732-LHR
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1611305925409947
content-length
42
server
cloudflare
collect
www.google-analytics.com/j/
1 B
420 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=127620212&t=pageview&_s=1&dl=https%3A%2F%2Fgw2efficiency.com%2F&ul=en-gb&de=UTF-8&dt=gw2efficiency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2005538903&gjid=752089785&cid=2142357744.1729833556&tid=UA-49743502-1&_gid=1528549878.1729833560&_r=1&gtm=457e4al0z8874902909za200zb874902909&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101686685~101823847~101925629&jsscut=1&z=1873655415
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://gw2efficiency.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:19:20 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://gw2efficiency.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgw2efficiency.com%2F&domain=gw2efficiency.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gw2efficiency.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://gw2efficiency.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 25 Oct 2024 05:19:20 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
184264
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
additional-consent-providers.csv
consent.nitrocnct.com/
116 KB
36 KB
XHR
General
Full URL
https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-411a3ae.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

x-goog-metageneration
4
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
cf-cache-status
HIT
etag
W/"81f96867523b7ea4a2f05a62b9fdf1c7"
age
40091
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BXJTgZDKiKauz7FXMpvvZhttON53CU8uDm3wm%2FKp54XhrN5bP5KJZ0mCpvY2WZ%2FXH6KV%2Bi6EW9YMILYvSM1JWE6y8JIJXS6Ho9JDMA0ZtDco%2B7Jn3nrS93wUwTpsDtkQgwVTKuL%2Fss2YtgalcMqu%2F4KXoyU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 31 Oct 2024 17:13:06 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
119221
server-timing
cfL4;desc="?proto=QUIC&rtt=47104&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4238&recv_bytes=4385&delivery_rate=261&cwnd=12000&unsent_bytes=0&cid=4224913e844b2816&ts=565&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:19:21 GMT
content-type
text/plain
last-modified
Wed, 12 Jul 2023 07:31:30 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
AHxI1nPR95JNx--dXTT-qVgdauVXdiH-bXvCMSUqHctSIrHQPiYCHZiQVW-CSA2b5WtHn0U9xzY_4TxFZA
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8d7fc0525b216376-LHR
access-control-allow-origin
*
x-goog-generation
1689147090287559
server
cloudflare
vendor-list-v3.json
consent.nitrocnct.com/
638 KB
80 KB
XHR
General
Full URL
https://consent.nitrocnct.com/vendor-list-v3.json
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-411a3ae.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a1afe3b0a4185492a754040fa81d752e376feb09ff117d08301ff8884d3e65c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=dUFvzw==, md5=kTPaR0cK4U5w9xm5r4Bo8g==
cf-cache-status
HIT
etag
W/"9133da47470ae14e70f719b9af8068f2"
age
112106
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9vEAUT%2FkQzbMiVYX50VGqJb89uzipng0QTGqAiT%2FYApuUQ3cB70P0%2Fz2OZlTVOk7AkHZ2PEsH8tz8a483Sj4h7RQe9zgMLgTYSB6zlovw400O0vlsQN402iBkalJL%2BIibr%2FptNcpXUew%2FX230C6lDeGWOY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 30 Oct 2024 21:17:09 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
653506
server-timing
cfL4;desc="?proto=QUIC&rtt=47104&sent=25&recv=11&lost=0&retrans=0&sent_bytes=16262&recv_bytes=4707&delivery_rate=261&cwnd=12000&unsent_bytes=0&cid=4224913e844b2816&ts=588&x=1", cfExtPri, cfHdrFlush;dur=40
date
Fri, 25 Oct 2024 05:19:22 GMT
content-type
application/json
last-modified
Thu, 17 Oct 2024 16:15:08 GMT
vary
Accept-Encoding
priority
u=1,i
x-guploader-uploadid
AHmUCY2i6NhwiilSR9wn7lWgTQyy3qU_HmhhEh-pYjktgGhEU8MP8Awvxy03u35jcibSph3wzVKRAbnxTA
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8d7fc0527b316376-LHR
access-control-allow-origin
*
x-goog-generation
1729181708564220
server
cloudflare
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-E2Z6ZDENC7&gtm=45je4al0v874902909za200&_p=1729833555455&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101686685~101823848&cid=2142357744.1729833556&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1729833556&sct=1&seg=0&dl=https%3A%2F%2Fgw2efficiency.com%2F&dt=gw2efficiency&en=scroll&epn.percent_scrolled=90&_et=209&tfd=9637
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E2Z6ZDENC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gw2efficiency.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:19:22 GMT
content-type
text/plain
server
Golfe2
px.gif
ad-delivery.net/
43 B
341 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
122122
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bihat%2BX3QcjPTDD9uFmjfdXxxP4xFMeF1BcRkpZeNo0tsYGIE%2FdtEsJoHGgHnskm%2BdXdhWZQTeyeh%2BvryNU2Kj8PnaZqY5Rpy27a8OXLyY22r780fKIpV9lxHwQWgnSQ8IXuERFlqQ%2FFzqwEEw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 23 Oct 2024 19:57:54 GMT
x-goog-stored-content-length
43
date
Fri, 25 Oct 2024 05:19:23 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0SjdtusLMzFKMkspdUwAKfn_DgVEhZVoXasmb7ADosrIZ6RkcNIfICFfm_vURLtB353nVE4ZdaAQ
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d7fc0596bac732a-LHR
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/
1 KB
130 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

content-encoding
gzip
age
47366
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Fri, 25 Oct 2024 16:09:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 16:09:57 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/
43 B
925 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.24162236454872477
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
122122
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oelj0ct8%2FmlMEolDRbMvtzH9CmY4USUFLc%2FgcByNWYTolZlQi6F%2F%2B5rUocOwALbHm0P9pV5W%2B7i98wvQVXF4ENJWKxjiM74RAERGPEg1SJBfHTXICa4lCPNll8XzLP9%2BynJ%2BhHG7mUpG5zT7JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 23 Oct 2024 19:57:54 GMT
x-goog-stored-content-length
43
date
Fri, 25 Oct 2024 05:19:23 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0SjdtusLMzFKMkspdUwAKfn_DgVEhZVoXasmb7ADosrIZ6RkcNIfICFfm_vURLtB353nVE4ZdaAQ
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d7fc0596bad732a-LHR
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
bounce
id5-sync.com/
30 B
235 B
Fetch
General
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://gw2efficiency.com
date
Fri, 25 Oct 2024 05:19:22 GMT
content-type
text/plain;charset=utf-8
vary
Origin
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/
45 B
289 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
4472b8449ffd626dd8620140a125318f647aa8035fbf494f50aa5ee8cc332dd8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://gw2efficiency.com
date
Fri, 25 Oct 2024 05:19:23 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/
481 KB
149 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dad10a832ba51b5db08691887a58b582022dd25c7849e0dd70f1ff8484d74a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

content-encoding
br
etag
14283833466912019972
age
69372
x-content-type-options
nosniff
expires
Fri, 24 Oct 2025 10:03:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 24 Oct 2024 10:03:11 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
152738
x-xss-protection
0
server
cafe
v3
id5-sync.com/gm/
319 B
516 B
XHR
General
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5PrebidModule.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
ad21369dfe114f6f027f993547efc1436ca4ef2154c214be6a08c9f5ff80e9ce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://gw2efficiency.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://gw2efficiency.com
date
Fri, 25 Oct 2024 05:19:23 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
country
api.btloader.com/
37 B
215 B
Fetch
General
Full URL
https://api.btloader.com/country?o=6278260873756672
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
ff0723fc3ffaba65ae40e48023b013da6df4aed73949487e8c4a5fd9b000946e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
date
Fri, 25 Oct 2024 05:19:23 GMT
content-type
application/json
vary
Origin
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=HwFc2J6Sx&w=5206923804147712&o=6278260873756672&cv=2.1.60-1-gb71443f&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fgw2efficiency.com%2F&sid=Tfyml6ls&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

via
1.1 google
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:19:23 GMT
vary
Origin
da657530-03e5-4306-95bc-d4eb370426c9
config.aps.amazon-adsystem.com/configs/
563 B
839 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-123.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
c9ab5fc7c9f92613f27a35c067ae644438758fcce5e6c2bf1b62de9e434e5800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cache-control
max-age=3600
age
1801
via
1.1 d8ec42efeb409ac816e90eb0236c1f4a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
8jAblMPQMEJizZBZt5kndedMjEafDpuhktpMuxY1VKLAMmvsUZYyaQ==
date
Fri, 25 Oct 2024 04:49:23 GMT
content-type
application/javascript
x-amz-cf-pop
FRA56-P8
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/
937 B
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgw2efficiency.com&pubid=da657530-03e5-4306-95bc-d4eb370426c9
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d8f5654a9edd66e7d501762f19b82b13cd502b212f18ec90c75252d51568f88f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
access-control-allow-origin
https://gw2efficiency.com
x-cache
Miss from cloudfront
content-length
937
x-amz-cf-id
SDeC_FwL50sDnkNR5xzlGHwBCc3pvlKmkUJWTB8pz6bpaB_3l2e4-w==
date
Fri, 25 Oct 2024 05:19:23 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
FRA56-P6
server
Server
bid
aax.amazon-adsystem.com/e/dtb/
23 B
379 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgw2efficiency.com%2F&pid=ZTnfsqySoeO0D&cb=0&ws=1600x1200&v=24.910.1025&t=2200&slots=%5B%7B%22sd%22%3A%22desktop_footer_static_970x250_l%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22300x250%22%2C%22728x90%22%2C%22320x100%22%2C%22320x50%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1%21nitropay.com%2C1354%2C1%2C%2C%2C&pubid=da657530-03e5-4306-95bc-d4eb370426c9&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-15-236.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
access-control-allow-origin
https://gw2efficiency.com
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
UMNeKwm8QCDtpRqwFC-RTUoPXKF6tg-toFXvxZYqCZB-T1oNTVIRKw==
date
Fri, 25 Oct 2024 05:19:23 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA56-P11
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
82603
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
ByLY3TP94c5csZjH2Apf-vs4R0HAFHvOsbWfwgsShKfuDpircRMPXw==
date
Thu, 24 Oct 2024 06:22:42 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
lang.png
s.nitropay.com/cmp/
2 KB
2 KB
Image
General
Full URL
https://s.nitropay.com/cmp/lang.png
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
cf-cache-status
HIT
etag
"ca072a3965f49a2c242c45d535163a53"
age
2309
x-goog-stored-content-encoding
identity
expires
Fri, 25 Oct 2024 05:12:54 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1887
date
Fri, 25 Oct 2024 05:19:24 GMT
content-type
image/png
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0RXp9GpW-sXAviL6mwIY5fYing3ImcG9-MwDXNUq3FGmXoTFp_p9KzHaxd8Kdevyl2SQo6QdujSw
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d7fc061cce97732-LHR
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1666344058779792
content-length
1887
server
cloudflare
cancel.png
s.nitropay.com/cmp/
1 KB
2 KB
Image
General
Full URL
https://s.nitropay.com/cmp/cancel.png
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
cf-cache-status
HIT
etag
"c707b2d501a53bc2c66e98e4e5cabefb"
age
2270
x-goog-stored-content-encoding
identity
expires
Fri, 25 Oct 2024 05:41:34 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1302
date
Fri, 25 Oct 2024 05:19:24 GMT
content-type
image/png
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3oH2z_Ko7RzcOM8UYxaP71UAe69RNAHxMeTZ7Ipv2oCiQt51fEB6S_TvXAhZdFTnGVuFxTmP0iBQ
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d7fc061cceb7732-LHR
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1666344058825998
content-length
1302
server
cloudflare
logo.png
s.nitropay.com/cmp/
3 KB
3 KB
Image
General
Full URL
https://s.nitropay.com/cmp/logo.png
Requested by
Host: gw2efficiency.com
URL: https://gw2efficiency.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:34e , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
cf-cache-status
HIT
etag
"940aa5b81e99bbb7414acc474a89bad9"
age
2150
x-goog-stored-content-encoding
identity
expires
Fri, 25 Oct 2024 05:43:34 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
2592
date
Fri, 25 Oct 2024 05:19:24 GMT
content-type
image/png
last-modified
Fri, 21 Oct 2022 09:20:58 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0lrBzk5NXboJWuNLUGuD2Kwqs3zitny5tM4kCyBT6Vmwm-ygdQp5wlOgo8QCwFJ1aOBhOR-H0uyg
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d7fc061dcf67732-LHR
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1666344058842900
content-length
2592
server
cloudflare
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.23.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-23-172.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Fri, 25 Oct 2024 05:34:24 GMT
accept-ranges
bytes
content-length
17407
date
Fri, 25 Oct 2024 05:19:24 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
id5-api.js
cdn.id5-sync.com/api/1.0/
98 KB
28 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

x-amz-id-2
m0t81lRXXU3UwkTJxgvAfTvVPPF05sOt87JbGfKf86m8vQPkJcyS116WbQTViWD/XJmK/ktOFwc=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"f24286e1b73c01841e789906d50ce23f"
age
713
x-amz-request-id
W2C6Y163Z991SBD9
cf-ray
8d7fc063fe896511-LHR
date
Fri, 25 Oct 2024 05:19:24 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 02 Oct 2024 12:26:13 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
favicon.ico
gw2efficiency.com/
198 B
791 B
Other
General
Full URL
https://gw2efficiency.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
228affe8850f7cfdeadafab815544bdd0e0c2f7998e123f790aa1a7ec6b02496
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67187782-c6"
age
3070
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4TbJge7rt6HCfIyou72RzdCWxljBb3DwyI5lvSB%2BpIvUwnn8Xf5qO0kWhwnOG0dDoC89JrTyc7SJV2aDnaSIqVjCtygg%2FGBY7gqDqRTN44p1WPZGGBps2ZOvdNzJFXsteHoAYo6bYlI1IvGhPc3GWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=60692&sent=1721&recv=251&lost=169&retrans=171&sent_bytes=2000370&recv_bytes=19305&delivery_rate=25574&cwnd=228711&unsent_bytes=0&cid=2ec507134aad4993&ts=13374&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:19:25 GMT
content-type
image/x-icon
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=1,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc0687c267791-LHR
server
cloudflare
favicon-32x32.png
gw2efficiency.com/
1022 B
2 KB
Other
General
Full URL
https://gw2efficiency.com/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:ae9d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cd43d4948cefdd840dbc4261b7035b65671e00ae9450a4f6108887d5c8d84fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

cf-cache-status
HIT
etag
"67187782-3fe"
age
2133
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2LRmLISYSsBzhHpnOBeXzhNJZzbkVi77RLnffESmmjga%2FdBNQYsiaqoViYCYYKkK5lPtFctn9%2BU8mKBdJH%2B3EU1NhrqwWoY5RHfd%2FfX6vohYrUUnzt9SyLwJfN7pC4oeYQgSzVB354sXkuBT%2BKSO7A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=57178&sent=1723&recv=253&lost=169&retrans=171&sent_bytes=2001209&recv_bytes=19980&delivery_rate=16509&cwnd=228711&unsent_bytes=0&cid=2ec507134aad4993&ts=13433&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 25 Oct 2024 05:19:25 GMT
content-type
image/png
last-modified
Wed, 23 Oct 2024 04:11:46 GMT
vary
Accept-Encoding
priority
u=1,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7fc068dc6d7791-LHR
accept-ranges
bytes
content-length
1022
server
cloudflare
hadronid
id.hadron.ad.gt/api/v1/
0
0

translator
hbopenbid.pubmatic.com/
0
0

bid
ap.lijit.com/rtb/
0
0

prebidjs
rtb.openx.net/openrtbb/
0
0

prebidjs
rtb.openx.net/openrtbb/
0
0

auction
tlx.3lift.com/header/
0
0

prebid
ib.adnxs-simple.com/ut/v3/
0
0

cdb
bidder.criteo.com/
0
0

auction
prebid-server.rubiconproject.com/openrtb2/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
0
0

v1
btlr.sharethrough.com/universal/
0
0

v1
btlr.sharethrough.com/universal/
0
0

pbjs
htlb.casalemedia.com/openrtb/
0
0

1722
tracker.nitropay.com/i/
0
0
Fetch
General
Full URL
https://tracker.nitropay.com/i/1722?d=eyJhdWYiOiJkaXNwbGF5IiwiYWRVbml0Q29kZSI6ImRlc2t0b3BfZm9vdGVyX3N0YXRpY185NzB4MjUwX2wiLCJiaWRkZXIiOiJibGFuayIsImhlaWdodCI6MCwid2lkdGgiOjAsImNwbSI6MCwiY3JlYXRpdmVJZCI6IiIsImhyZWYiOiJodHRwczovL2d3MmVmZmljaWVuY3kuY29tLyIsImFjY2VwdGFibGUiOmZhbHNlLCJyZXF1ZXN0SWQiOiIwMTkyYzIxZC02ODQ1LTdmNTEtYjRjOC0wOWYwMDBkMDIzNWEiLCJ0aW1lVG9SZXNwb25kIjowLCJjIjoiR0IiLCJyIjoiRU5HIiwidHlwZSI6MCwiZHVyYXRpb24iOjAsInJlZnJlc2giOmZhbHNlLCJ0YXJnZXRpbmciOnsiX2V4cC5jb25maWciOiIwIn0sInRpbWVzdGFtcCI6MTcyOTgzMzU3MDkwOSwiZiI6Imc4c3NyNSIsInYiOiIzNWI0YmQ3In0%3D&p=0
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.27.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 05:19:31 GMT
server
nginx/1.27.0
publishertag.prebid.144.js
static.criteo.net/js/ld/
96 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://gw2efficiency.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Sat, 26 Oct 2024 05:19:34 GMT
access-control-allow-origin
*
date
Fri, 25 Oct 2024 05:19:34 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
pd
u.openx.net/w/1.0/ Frame A335
0
0
Document
General
Full URL
https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=CQHDLsAQHDLsADyvSAENBLFAAAAAAAAAAAwIAAAAAAAA.IAAA&us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://gw2efficiency.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Fri, 25 Oct 2024 05:19:37 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 0CB5
0
0
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://gw2efficiency.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
70
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8d7fc0c4592f88bc-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 25 Oct 2024 05:19:40 GMT
expires
Fri, 25 Oct 2024 09:19:40 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 1683
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?gdpr=true&cmp_cs=CQHDLsAQHDLsADyvSAENBLFAAAAAAAAAAAwIAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gw2efficiency.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 25 Oct 2024 05:19:40 GMT
usync.html
eus.rubiconproject.com/ Frame 1D8F
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CQHDLsAQHDLsADyvSAENBLFAAAAAAAAAAAwIAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://gw2efficiency.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Fri, 25 Oct 2024 05:19:40 GMT
etag
"28052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8583
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156737&gdpr=1&gdpr_consent=CQHDLsAQHDLsADyvSAENBLFAAAAAAAAAAAwIAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1722.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://gw2efficiency.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=160918
content-encoding
gzip
content-length
5633
content-type
text/html
date
Fri, 25 Oct 2024 05:19:40 GMT
expires
Sun, 27 Oct 2024 02:01:38 GMT
last-modified
Mon, 26 Aug 2024 15:25:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=64232681
Domain
id.hadron.ad.gt
URL
https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=720&_it=prebid
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
ap.lijit.com
URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.52.0
Domain
rtb.openx.net
URL
https://rtb.openx.net/openrtbb/prebidjs
Domain
rtb.openx.net
URL
https://rtb.openx.net/openrtbb/prebidjs
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.52.0&referrer=https%3A%2F%2Fgw2efficiency.com%2F&tmax=2200&gdpr=true&cmp_cs=CQHDLsAQHDLsADyvSAENBLFAAAAAAAAAAAwIAAAAAAAA.IAAA&us_privacy=1---
Domain
ib.adnxs-simple.com
URL
https://ib.adnxs-simple.com/ut/v3/prebid
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.52.0&cb=50563611220&lsavail=1
Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17374&site_id=513184&zone_id=3080224&size_id=15&alt_size_ids=2%2C43%2C55%2C57%2C117&gdpr=1&gdpr_consent=CQHDLsAQHDLsADyvSAENBLFAAAAAAAAAAAwIAAAAAAAA.IAAA&us_privacy=1---&gpp=DBABM~&gpp_sid=2&rp_schain=1.0,1!nitropay.com,1354,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=a16f1b76-326b-471c-b5e0-f428193e5c61%5E1&rf=https%3A%2F%2Fgw2efficiency.com%2F&kw=guild%20wars%202%2C%20guild%20wars&tg_i.domain=gw2efficiency.com&tg_i.page=https%3A%2F%2Fgw2efficiency.com%2F&tg_i.name=gw2efficiency&tg_i.cattax=7&tg_i.cat=680%2C684%2C691%2C692%2C696&tg_i.privacypolicy=1&tg_i.pbadslot=%2F%23desktop_footer_static_970x250_l&tk_flint=pbjs_lite_v8.52.0&x_source.tid=6e65eed9-7468-450d-a648-5daf1d8255a6&l_pb_bid_id=203fc33cd90ec6e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=0f747170-637a-462a-a948-1e3d8a504db9&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F%23desktop_footer_static_970x250_l&m_ch_mobile=%3F0&slots=1&rand=0.8854590926312575
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1045122

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| Raven function| webpackHotUpdate object| __core-js_shared__ object| angular number| ng339 function| moment function| getApplicationLanguage function| getUserCurrency object| application_locales function| forceRender function| deepClone function| array_find function| array_extract function| array_sum function| array_merge function| array_unique function| array_chunk function| object_to_array function| _map function| two_digits function| dd function| itemsFromIds function| slugify function| current_date function| matchAll function| _characterSpecialisation function| setImmediate function| clearImmediate function| analyticsEvent object| nitroAds function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| resizeSubNavigation function| renderEverythingColorful object| googletag function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject function| ga object| ads object| nads object| napbjs object| _pbjsGlobals object| regeneratorRuntime object| mnet function| __uspapi object| __gpp_queue object| __gpp_events number| __gpp_lastId function| __gpp object| nitroAdsCustomConsents string| nitroAdsPublisherCC object| __tcfapi_queue function| __tcfapi object| apstag object| gaplugins object| gaData object| nitroAdsCMP object| __npcmp_queue function| __npcmp string| __npcmp_geo string| __npcmp_region boolean| __npcmp_init function| __cmp boolean| __npcmp_gdpr object| id5Prebid object| __bt object| __bt_intrnl object| __bt_tag_d object| ggeac object| google_js_reporting_queue boolean| __bt_already_invoked object| _aps boolean| apstagLOADED object| apscustom object| google_reactive_ads_global_state object| __id5_finalization_registry object| ID5 object| PublisherCommonId function| pubHadronCb object| Criteo

12 Cookies

Domain/Path Name / Value
api.gw2efficiency.com/ Name: connect.sid
Value: s%3ABv-YNbBRnhAfPsRVbSVaIpHPAJeE4VXf.GnykKLxRQtlIi2e8ptnf4YCv%2FRF5OCBq60yB%2F3sONhg
.gw2efficiency.com/ Name: _ga_E2Z6ZDENC7
Value: GS1.1.1729833556.1.0.1729833556.0.0.0
.nitropay.com/ Name: __cf_bm
Value: NqmK.Z176N5rekabMYsv4g8.LNYGRwmlWAGNjOeSMjg-1729833557-1.0.1.1-5nyuXvhqqXUzEeDI_D9CEtbGkP3ieXfE1OMErWngxDv_fKRT4VPU3pyFOvIJyvw5zMnUGmgu6hXmF3ut0G11mQ
gw2efficiency.com/ Name: _lr_retry_request
Value: true
gw2efficiency.com/ Name: _lr_env_src_ats
Value: false
.gw2efficiency.com/ Name: _ga
Value: GA1.2.2142357744.1729833556
.gw2efficiency.com/ Name: _gid
Value: GA1.2.1528549878.1729833560
.gw2efficiency.com/ Name: _gat_gtag_UA_49743502_1
Value: 1
.gw2efficiency.com/ Name: ncmp.domain
Value: gw2efficiency.com
.id5-sync.com/ Name: id5
Value: 6c897d26-f8f4-7bd9-9192-5751e1ceba82#1729833561828#1
gw2efficiency.com/ Name: na-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-10-25T05%3A19%3A21%22%7D
gw2efficiency.com/ Name: na-unifiedid_cst
Value: VyxHLMwsHQ%3D%3D

7 Console Messages

Source Level URL
Text
network error URL: https://api.gw2efficiency.com/user/status?v=2021-07-24T00%3A00%3A00Z
Message:
Failed to load resource: the server responded with a status of 403 ()
recommendation verbose URL: https://gw2efficiency.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://api.gw2efficiency.com/user/key-value-store?key=api_key_names
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://api.gw2efficiency.com/user/key-value-store?key=api_key_names
Message:
Failed to load resource: the server responded with a status of 403 ()
rendering warning URL: https://gw2efficiency.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0402E031C150000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript error URL: https://gw2efficiency.com/
Message:
Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=64232681' from origin 'https://gw2efficiency.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=64232681
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
ap.lijit.com
api.btloader.com
api.gw2efficiency.com
api.rlcdn.com
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
cdn.id5-sync.com
cdn.ravenjs.com
config.aps.amazon-adsystem.com
consent.nitrocnct.com
eb2.3lift.com
edge.gw2efficiency.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
gw2efficiency.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs-simple.com
id.hadron.ad.gt
id5-sync.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
prebid-server.rubiconproject.com
region1.google-analytics.com
rtb.openx.net
s.nitropay.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.criteo.net
tlx.3lift.com
tracker.nitropay.com
u.openx.net
www.google-analytics.com
www.googletagmanager.com
ap.lijit.com
api.rlcdn.com
bidder.criteo.com
btlr.sharethrough.com
fastlane.rubiconproject.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs-simple.com
id.hadron.ad.gt
prebid-server.rubiconproject.com
rtb.openx.net
tlx.3lift.com
104.18.38.76
108.138.6.136
130.211.23.194
141.95.98.65
142.250.181.230
162.19.138.83
18.244.15.236
18.245.31.123
184.30.22.30
195.201.24.68
2001:4860:4802:32::36
23.215.23.172
23.35.236.201
2606:4700:10::6816:3456
2606:4700:10::ac43:293c
2606:4700:20::ac43:4513
2606:4700:3034::ac43:ae9d
2606:4700:3037::6815:1f0a
2606:4700::6812:34e
2606:4700::6812:bcf
2a00:1450:4001:801::2003
2a00:1450:4001:810::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a02:2638:3::3
2a02:2638:3::c
2a04:4e42:600::729
2a06:98c1:3120::3
34.98.64.218
35.244.144.25
52.223.40.198
76.223.111.18
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a1afe3b0a4185492a754040fa81d752e376feb09ff117d08301ff8884d3e65c
1bb42fd09eef91fa3c4c3178da1629453f20632decc9a010ec69051f9904d695
1dbe8d493116cb05b01e50061834d1958a4691346e6b47e8cff744b5d13bda04
228affe8850f7cfdeadafab815544bdd0e0c2f7998e123f790aa1a7ec6b02496
2847acd0dcff8bb875c7fb3ca41197363dbf4285e1088650d04e29e0ccef5329
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724
2aea401544bffb17cb79d9f2f6b31ba1e7aaba038cbb64c91e1446eec9084646
3b6205206b5c515bb685b81ad82ecedf1264a0f1b6b0a99b2d89ce18fe30bc5e
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e1c34be182bbbf3fb984142b8a4e6ad6f9419442cae949d67673111eed3fcb7
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4472b8449ffd626dd8620140a125318f647aa8035fbf494f50aa5ee8cc332dd8
47973eaf5d0fef2a23688d63e416291c7f19b2f63d6fb01c1c69eaee2c226478
48b0a42cf783da9f0d3f7dba95a811fe2f58cfe7b5a7d99ab0e82a5357d4c200
4961d651f64e945358e898b3c31aecf791a1cd72e0af585d7005a37b2d42a12d
58cf028702c2d57ac0b16271ee97450d2de8d0fca2652fa1251562a410d18942
5cd43d4948cefdd840dbc4261b7035b65671e00ae9450a4f6108887d5c8d84fe
5d74e13622b2936b0395e33581297ab1b1600dd8b6b8c02a0fd292780d6c7a35
60cb8aa3bc65fdd8560e5802d654547bac6c72ff751fe7324b25f04c8aa5c1be
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
6b29ef4fb06a7b687ee6366036dce4cb349e00fa4bb1c82ac0c0434fb3f4eec1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7994deac4364b16780c159cabb10947c23633c56cea926673c1ed9ae0ae6bed8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
8e41ed2625b8c026506d6e11a13ca7eb37f8557d252c3b6a58c1f96cee862cc7
911a3e38db7de24a5e5ff3f78851076bc321f3c12e5e5034de0e80273a6548de
942f8186f8dd64902f7b1f19eb3d330e9651544cff0d1e28409681801bb124ec
945493a45f71e1c4947067f5f5d19eecadcb62b653fb6df5d17fd8659bb30656
a1f7dc95ea8c52d136d3bf1305c1e3a163d40cf73ad43956630b16f4193947be
ad21369dfe114f6f027f993547efc1436ca4ef2154c214be6a08c9f5ff80e9ce
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b0ac7f46536b9c97219b1e67bcb29296ca1978b8a36a1043fa60d87821af7940
b4f638a12bb433de8a12c744ae820c4d518768412a202c4b95f02cbfff85549b
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c81af35c3bdc5f142b946b19b940ee80d1f644e2fdab4e455075910872b7a771
c8338823decc19c3fae13c2acf24ab7c02a991c156439332c195824dba6f2c9d
c9ab5fc7c9f92613f27a35c067ae644438758fcce5e6c2bf1b62de9e434e5800
cb989c9901f49eb007990fe871851f7533e55343b8be10fd7b93c3c4e447a139
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2461c657d92029c758cbdaddd4d6cf3d1720e5386efddc0d5875eaba6971c0a
d45c46ce40762e9e8ca9b3beb6dc302ba333eabb4c9ee32fdca4759794b862a3
d8f5654a9edd66e7d501762f19b82b13cd502b212f18ec90c75252d51568f88f
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
daa14062cd460d31208914c3aa77bcb50201b4bb0aeeed9cda46773456deb2dc
dad10a832ba51b5db08691887a58b582022dd25c7849e0dd70f1ff8484d74a2c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95cc82e6dfcf40bfd884871e5bac3ab4f38883fcc576e348ff26a177fdc63c1
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
ef1743652b65bd548f60465470a526909f9e3643a04e2f9b9d5dfcd509aff1d2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff0723fc3ffaba65ae40e48023b013da6df4aed73949487e8c4a5fd9b000946e