www.everdrytoledo.com Open in urlscan Pro
173.201.177.229 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.ruskind.com/
Effective URL:
https://www.everdrytoledo.com/
Submission: On July 27 via api (July 27th 2024, 1:18:43 pm UTC) from US — Scanned from US

Summary HTTP 136 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 45 IPs in 2 countries across 45 domains to perform 136 HTTP transactions. The main IP is 173.201.177.229, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is www.everdrytoledo.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on July 25th 2024. Valid for: a year.

This is the only time www.everdrytoledo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
44	173.201.177.229 173.201.177.229	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
2	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4004:c0b::61	15169 (GOOGLE) (GOOGLE)
1	99.84.108.3 99.84.108.3	16509 (AMAZON-02) (AMAZON-02)
1 1	216.239.34.21 216.239.34.21	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c21::5e	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c0b::8a	15169 (GOOGLE) (GOOGLE)
1	18.160.41.58 18.160.41.58	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	2606:4700:303... 2606:4700:3035::ac43:821e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.139.167.176 3.139.167.176	16509 (AMAZON-02) (AMAZON-02)
1 4	2607:f8b0:400... 2607:f8b0:4004:c06::9c	15169 (GOOGLE) (GOOGLE)
1	99.84.191.81 99.84.191.81	16509 (AMAZON-02) (AMAZON-02)
1	13.59.189.131 13.59.189.131	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c08::68	15169 (GOOGLE) (GOOGLE)
8	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	34.86.70.109 34.86.70.109	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.59.134.249 13.59.134.249	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9b	15169 (GOOGLE) (GOOGLE)
2	20.10.16.51 20.10.16.51	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:1f16:f60... 2600:1f16:f60:9203:8a67:f3da:af74:3d99	16509 (AMAZON-02) (AMAZON-02)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
21 24	35.194.66.159 35.194.66.159	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	69.194.240.13 69.194.240.13	26120 (RHYTHMONE) (RHYTHMONE)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:5012:c2ca:70d1:c09	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	13.249.39.110 13.249.39.110	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:219... 2600:9000:2199:9a00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2600:9000:207... 2600:9000:2073:c800:1b:6b7d:2300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	207.65.37.184 207.65.37.184	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	63.251.28.210 63.251.28.210	26558 (FREEWHEEL) (FREEWHEEL)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
2 3	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
1 2	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
1 2	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1	52.55.138.184 52.55.138.184	14618 (AMAZON-AES) (AMAZON-AES)
1	23.219.8.236 23.219.8.236	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	107.23.203.136 107.23.203.136	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.234.72.128 34.234.72.128	14618 (AMAZON-AES) (AMAZON-AES)
1 1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	142.251.16.157 142.251.16.157	15169 (GOOGLE) (GOOGLE)
1 2	68.67.161.182 68.67.161.182	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	142.251.179.157 142.251.179.157	15169 (GOOGLE) (GOOGLE)
136	45

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

www.ruskind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 173.201.177.229 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: ip-173-201-177-229.ip.secureserver.net

www.everdrytoledo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c0b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.108.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-3.iad79.r.cloudfront.net

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.21 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net

jelly.mdhv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

jelly-v6.mdhv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c21::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c0b::8a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.41.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-58.iad55.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3035::ac43:821e (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.139.167.176 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-139-167-176.us-east-2.compute.amazonaws.com

collector-11638.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c06::9c (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.191.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-81.iad89.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.59.189.131 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-59-189-131.us-east-2.compute.amazonaws.com

ftlaunchpad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::68 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.86.70.109 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.70.86.34.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.59.134.249 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-59-134-249.us-east-2.compute.amazonaws.com

build.1pdata.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.10.16.51 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

z.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:f60:9203:8a67:f3da:af74:3d99 (Columbus, United States)

ASN16509 (AMAZON-02, US)

hits3.livemarketshoppers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 35.194.66.159 (Washington, United States) 21 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:5012:c2ca:70d1:c09 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.39.110 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-110.iad89.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2199:9a00:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2073:c800:1b:6b7d:2300:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.37.184 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.210 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.197.56 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.218.10 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.138.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-138-184.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.219.8.236 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-8-236.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.23.203.136 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-203-136.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.234.72.128 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-72-128.compute-1.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.157 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.161.182 (Colonia, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.179.157 (Farmingdale, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: pd-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	everdrytoledo.com www.everdrytoledo.com	626 KB
26	simpli.fi 21 redirects tag.simpli.fi — Cisco Umbrella Rank: 8238 i.simpli.fi — Cisco Umbrella Rank: 6968 um.simpli.fi — Cisco Umbrella Rank: 1484	15 KB
11	tawk.to embed.tawk.to — Cisco Umbrella Rank: 12323 va.tawk.to — Cisco Umbrella Rank: 12027	178 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	5 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	734 KB
7	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 252 cm.g.doubleclick.net — Cisco Umbrella Rank: 363	5 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 z.clarity.ms — Cisco Umbrella Rank: 8883 c.clarity.ms — Cisco Umbrella Rank: 1838	29 KB
5	google.com www.google.com — Cisco Umbrella Rank: 10 analytics.google.com — Cisco Umbrella Rank: 238	256 B
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	83 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
4	gstatic.com fonts.gstatic.com	131 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 689	895 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 864	502 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 383	2 KB
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669	902 B
2	lijit.com 1 redirects ce.lijit.com — Cisco Umbrella Rank: 1396	895 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296	837 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 612	494 B
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 3519	2 KB
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 4127	865 B
2	intentiq.com 1 redirects sync.intentiq.com — Cisco Umbrella Rank: 1598	2 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 910 d.agkn.com — Cisco Umbrella Rank: 1174	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 646	1 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 632	970 B
2	tvsquared.com collector-11638.tvsquared.com	9 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
2	mdhv.io 1 redirects jelly.mdhv.io — Cisco Umbrella Rank: 14993 jelly-v6.mdhv.io — Cisco Umbrella Rank: 16399	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	12 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 ajax.googleapis.com — Cisco Umbrella Rank: 641	34 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 555	1 KB
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 176	23 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 1285	634 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1556	480 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 2757	421 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 969	655 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1373	551 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 10885	175 B
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 741	99 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 341	775 B
1	livemarketshoppers.com hits3.livemarketshoppers.com — Cisco Umbrella Rank: 41171	275 B
1	1pdata.app build.1pdata.app — Cisco Umbrella Rank: 75510	1 KB
1	ftlaunchpad.ai ftlaunchpad.ai — Cisco Umbrella Rank: 85448	2 KB
1	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 17209	12 KB
1	ruskind.com 1 redirects www.ruskind.com	305 B
0	lkqd.net Failed cs.lkqd.net Failed
136	45

	Domain	Requested by
44	www.everdrytoledo.com	www.everdrytoledo.com
24	um.simpli.fi	21 redirects
8	www.facebook.com	www.everdrytoledo.com
8	embed.tawk.to	www.everdrytoledo.com embed.tawk.to
8	www.googletagmanager.com	www.everdrytoledo.com www.googletagmanager.com ftlaunchpad.ai
5	connect.facebook.net	www.everdrytoledo.com connect.facebook.net
5	www.google-analytics.com	www.everdrytoledo.com www.google-analytics.com www.googletagmanager.com
4	www.google.com	www.everdrytoledo.com
4	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
4	fonts.gstatic.com	fonts.googleapis.com
3	idsync.rlcdn.com	2 redirects
3	va.tawk.to	embed.tawk.to
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	px.ads.linkedin.com	1 redirects
2	ce.lijit.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com	1 redirects
2	pixel.tapad.com	1 redirects
2	eb2.3lift.com	1 redirects
2	c.clarity.ms	1 redirects
2	z.clarity.ms	www.clarity.ms
2	collector-11638.tvsquared.com	www.everdrytoledo.com
2	www.clarity.ms	www.everdrytoledo.com www.clarity.ms
2	cdnjs.cloudflare.com	www.everdrytoledo.com
1	pixel.rubiconproject.com
1	www.googleadservices.com	1 redirects
1	pippio.com	1 redirects
1	stags.bluekai.com
1	sync.bfmio.com
1	ads.stickyadstv.com
1	image2.pubmatic.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	sync.1rx.io
1	i.simpli.fi	tag.simpli.fi
1	c.bing.com	1 redirects
1	hits3.livemarketshoppers.com	www.everdrytoledo.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	build.1pdata.app	ftlaunchpad.ai
1	tag.simpli.fi	ftlaunchpad.ai
1	ftlaunchpad.ai	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.everdrytoledo.com
1	jelly-v6.mdhv.io	www.everdrytoledo.com
1	jelly.mdhv.io	1 redirects
1	cdn.callrail.com	www.everdrytoledo.com
1	ajax.googleapis.com	www.everdrytoledo.com
1	fonts.googleapis.com	www.everdrytoledo.com
1	www.ruskind.com	1 redirects
0	cs.lkqd.net Failed
136	57

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.houzz.com
www.facebook.com
www.nari.org
www.angieslist.com
www.bbb.org
www.toledohba.com
www.energystar.gov
basementhealth.org
www.homeadvisor.com
www.artonicweb.com

Subject Issuer	Validity	Valid
everdrytoledo.com Starfield Secure Certificate Authority - G2	`2024-07-25` - `2025-08-26`	a year	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
swappy.callrail.com Amazon RSA 2048 M03	`2024-06-10` - `2025-07-09`	a year	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-05` - `2024-08-03`	3 months	crt.sh
tawk.to WE1	`2024-07-24` - `2024-10-22`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.tvsquared.com Amazon RSA 2048 M02	`2024-06-14` - `2025-07-12`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
ftlaunchpad.ai Amazon RSA 2048 M03	`2024-03-16` - `2025-04-14`	a year	crt.sh
*.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
1pdata.app Amazon RSA 2048 M03	`2024-01-07` - `2025-02-05`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
livemarketshoppers.com Amazon RSA 2048 M02	`2024-01-09` - `2025-02-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.everdrytoledo.com/
Frame ID: 252ECD2565C8888CF9081C0A5DB8D701
Requests: 135 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Basement Waterproofing in Toledo, OH | EverDry Toledo

Page URL History Show full URLs

https://www.ruskind.com/ HTTP 301
https://www.everdrytoledo.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

136
Requests

82 %
HTTPS

40 %
IPv6

45
Domains

57
Subdomains

45
IPs

2
Countries

1955 kB
Transfer

4505 kB
Size

83
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/everdrytoledo

Search URL Search Domain Scan URL

URL: http://www.houzz.com/pro/everett3307/everdry-waterproofing-of-toledo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/teamEverdry

Search URL Search Domain Scan URL

URL: http://www.nari.org/

Search URL Search Domain Scan URL

URL: http://www.angieslist.com/companylist/us/oh/toledo/everdry-waterproofing-reviews-353950.htm

Search URL Search Domain Scan URL

URL: http://www.bbb.org/toledo/business-reviews/basement-waterproofing/everdry-waterproofing-in-toledo-oh-2528

Search URL Search Domain Scan URL

URL: http://www.toledohba.com/

Search URL Search Domain Scan URL

URL: https://www.energystar.gov/

Search URL Search Domain Scan URL

URL: http://basementhealth.org/

Search URL Search Domain Scan URL

URL: https://www.homeadvisor.com/rated.EverdryToledo.8447993.html

Search URL Search Domain Scan URL

URL: https://www.artonicweb.com/
Title: Ohio Web Design

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.ruskind.com/ HTTP 301
https://www.everdrytoledo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://jelly.mdhv.io/v1/star.gif?pid=46bp8a86iQM0NwRBMyXT7pLdNkZR&src=mh&evt=hi%3Chttps://linkprotect.cudasvc.com/url?a=https%3a%2f%2fjelly.mdhv.io%2fv1%2fstar.gif%3fpid%3d46bp8a86iQM0NwRBMyXT7pLdNkZR%26src%3dmh%26evt%3dhi&c=E,1,yrlLHxEq-WYUyw9ngtKfOxxk7Ml6IepyFMddlhCTGwhclY55dMZWFdSVm-BTYjlgZ1j8TDDX83GOCA0k2XjP_Knjy3PU4CiAfPwOOx2ROoOD&typo=1%3E HTTP 307
https://jelly-v6.mdhv.io/v1/starV6.gif?c=E%2C1%2CyrlLHxEq-WYUyw9ngtKfOxxk7Ml6IepyFMddlhCTGwhclY55dMZWFdSVm-BTYjlgZ1j8TDDX83GOCA0k2XjP_Knjy3PU4CiAfPwOOx2ROoOD&evt=hi%3Chttps%3A%2F%2Flinkprotect.cudasvc.com%2Furl%3Fa%3Dhttps%3A%2F%2Fjelly.mdhv.io%2Fv1%2Fstar.gif%3Fpid%3D46bp8a86iQM0NwRBMyXT7pLdNkZR%26src%3Dmh%26evt%3Dhi&pid=46bp8a86iQM0NwRBMyXT7pLdNkZR&src=mh&tx=bbf94a44-6a8b-40ad-9df7-09063a0e22a4&typo=1%3E

Request Chain 103

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C70F11A8232F4964A8A5F5E9B4BBAAB5&RedC=c.clarity.ms&MXFR=2FFE98EF7CF2668414138C2678F268A7 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C70F11A8232F4964A8A5F5E9B4BBAAB5&MUID=11E0350DBCE8625336D921C4BDEF6381

Request Chain 108

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=4DA6B378AE7541599C0B6AF93984D621 HTTP 302
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=b10611e1e2&gdpr=0&gdpr_consent=

Request Chain 109

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/4DA6B378AE7541599C0B6AF93984D621

Request Chain 110

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=4DA6B378AE7541599C0B6AF93984D621&dongle=yf3 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=4DA6B378AE7541599C0B6AF93984D621&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

Request Chain 111

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=4DA6B378AE7541599C0B6AF93984D621

Request Chain 112

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=4DA6B378AE7541599C0B6AF93984D621 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4DA6B378AE7541599C0B6AF93984D621

Request Chain 113

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=4DA6B378AE7541599C0B6AF93984D621 HTTP 302
https://d.agkn.com/pixel/10751/?che=1722086317393&ip=5.181.234.133&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214630604956010918676 HTTP 302
https://um.simpli.fi/aa_px?sk=214630604956010918676 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 114

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4DA6B378AE7541599C0B6AF93984D621 HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4DA6B378AE7541599C0B6AF93984D621&ckls=true&ci=lAjLbORNKP&nc=false&trid=-2098114165

Request Chain 115

https://um.simpli.fi/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4DA6B378AE7541599C0B6AF93984D621

Request Chain 116

https://um.simpli.fi/freewheel HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=4DA6B378AE7541599C0B6AF93984D621

Request Chain 117

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=4DA6B378AE7541599C0B6AF93984D621;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=4DA6B378AE7541599C0B6AF93984D621;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/400646.gif?partner_uid=7388430164897712683

Request Chain 118

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=4DA6B378AE7541599C0B6AF93984D621&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=4DA6B378AE7541599C0B6AF93984D621&j=0&xl8blockcheck=1

Request Chain 119

https://um.simpli.fi/yahoo HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=4DA6B378AE7541599C0B6AF93984D621 HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=4DA6B378AE7541599C0B6AF93984D621&verify=true

Request Chain 120

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=4DA6B378AE7541599C0B6AF93984D621

Request Chain 121

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=4DA6B378AE7541599C0B6AF93984D621

Request Chain 122

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=4DA6B378AE7541599C0B6AF93984D621 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=4DA6B378AE7541599C0B6AF93984D621

Request Chain 123

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=4DA6B378AE7541599C0B6AF93984D621 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=4DA6B378AE7541599C0B6AF93984D621&dnr=1

Request Chain 124

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=4DA6B378AE7541599C0B6AF93984D621 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNERBNkIzNzhBRTc1NDE1OTlDMEI2QUY5Mzk4NEQ2MjEQABoNCK3nk7UGEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=6cc037c41481ddebfd5f3381c5dd6da549228ca0d98076e100f9fc3b94622d7e791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6cc037c41481ddebfd5f3381c5dd6da549228ca0d98076e100f9fc3b94622d7e791426b5417dce21&rand=04491342 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6cc037c41481ddebfd5f3381c5dd6da549228ca0d98076e100f9fc3b94622d7e791426b5417dce21&rand=04491342&expected_cookie=6912b3cb-71a8-4561-9816-8fb3529cdb46

Request Chain 125

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1722086317027&cv=7&fst=1722086317027&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=520334362&cv=7&fst=1722086317027&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIt5bcuafHhwMVZFJHAR1HcjhYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL3d3dy5ldmVyZHJ5dG9sZWRvLmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=520334362&cv=7&fst=1722086317027&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIt5bcuafHhwMVZFJHAR1HcjhYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL3d3dy5ldmVyZHJ5dG9sZWRvLmNvbS8&is_vtc=1&cid=CAQSKQDaQooLV_fDDIrM2rjtnQsS03XPCik90nurqeAypRd9VerjCgyEVEZp&random=2840033565

Request Chain 127

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=4DA6B378AE7541599C0B6AF93984D621 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4DA6B378AE7541599C0B6AF93984D621

Request Chain 128

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4DA6B378AE7541599C0B6AF93984D621&expires=365

Request Chain 129

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=4DA6B378AE7541599C0B6AF93984D621 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=4DA6B378AE7541599C0B6AF93984D621

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESELDoE8_jsA3xFov3aGeCAvo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4DA6B378AE7541599C0B6AF93984D621 HTTP 302
https://um.simpli.fi/g_match?id=

136 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.everdrytoledo.com/
Redirect Chain

https://www.ruskind.com/
https://www.everdrytoledo.com/

23 KB
6 KB

365ms
77ms

Document
text/html

173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache / PHP/7.4.33
Resource Hash: 1d1536ad8a29b769400ca7d4c5b6470f8a847d93c4d9b3818b6d702b4794d043

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-length: 6527
content-type: text/html; charset=UTF-8
date: Sat, 27 Jul 2024 13:18:35 GMT
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

Connection: close
Content-Length: 64
Content-Type: text/html; charset=utf-8
Date: Sat, 27 Jul 2024 13:18:35 GMT
Location: https://www.everdrytoledo.com
Server: ip-10-123-124-40.ec2.internal
Vary: Accept-Encoding
X-Request-Id: 5f9cdd04-9dbd-4e7b-b0a0-1152dc32ff4d

GET
H2 200 index.css
www.everdrytoledo.com/css/ 20 KB
4 KB 72ms
72ms Stylesheet
text/css 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everdrytoledo.com/css/index.css
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 0c1fa1adc68a703a1eba248dea05abdc1df1d1521a18f2649e0b8b6eeab5ed5a

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
content-encoding: br
last-modified: Mon, 14 Aug 2023 17:54:13 GMT
server: Apache
etag: "461201-4f2c-602e5c010b48b-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3668

GET
H2 200 css2
fonts.googleapis.com/ 34 KB
3 KB 70ms
31ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;1,400;1,500&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Oswald:wght@400;700&display=swap

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e2c6e402c74b434cf8741db6a8dec268180c5647b8c98b48631177d0f6e515b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jul 2024 13:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jul 2024 13:18:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jul 2024 13:18:35 GMT

GET
H2 200 layout.css
www.everdrytoledo.com/css/ 34 KB
6 KB 81ms
77ms Stylesheet
text/css 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everdrytoledo.com/css/layout.css
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: e19b83090f20fcd5749a9efc0c1858230ed4b3d20dfca2299cb49d8db79576f5

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
content-encoding: br
last-modified: Mon, 24 Apr 2023 21:43:03 GMT
server: Apache
etag: "46120f-88fc-5fa1be43eb7bd-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 6515

GET
H3 200 modernizr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 11 KB
4 KB 77ms
56ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 324310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3980
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-2b4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WvJJKg60T1dJkvydxKmI5vbwDl%2BXBkNJK%2BIRkJ3seGcIFyknxvJ68d6yYMp8mrzS8BHZeL%2FPnWf3dRiZ5NSRuivDRSem4Z6x66muMi9tPc8iZfJ4niBSfNfsEDSo5W%2FQFbqm1k6CM7QZJi1toVsjYhUX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a9cea900b0f198e-EWR
expires: Thu, 17 Jul 2025 13:18:35 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 88ms
20ms Script
text/javascript 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Jul 2025 18:36:24 GMT

GET
H3 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/ 24 KB
7 KB 40ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/jquery.validate.min.js

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 251133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6970
last-modified: Fri, 29 May 2020 16:54:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ed13e63-5f7b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d6G0T601jra8ml6fICzRAwL8QYsD%2FhFo9i0eehfgqNM3ePWVcxMfM%2BM22y0QqHVwEa%2BGNheHkbt1lh0DIQdiW8mnh1npZgZhQggmcvEygdqfFYPSztU%2BaNQ5PBMTmPxJUSj2dcgEmAmSffQn4rQPOoY0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a9cea900b10198e-EWR
expires: Thu, 17 Jul 2025 13:18:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
84 KB 81ms
33ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1059203820

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

53e33f1021bc35fe97e66861c986c6f3c1ef41d1da18d996a0a27ed0d7ea5f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85397
x-xss-protection: 0
last-modified: Sat, 27 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Jul 2024 13:18:35 GMT

GET
H2 200 logo.png
www.everdrytoledo.com/images/ 11 KB
11 KB 74ms
72ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/logo.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: abf14e7a94b0617ca384ba7d69fef3c22dac494061b8208a6e497f50d60704ee

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:58 GMT
server: Apache
accept-ranges: bytes
etag: "4619a7-2c77-5d0eeef454350"
content-length: 11383
content-type: image/png

GET
H2 200 logocover.png
www.everdrytoledo.com/images/ 5 KB
5 KB 76ms
74ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/logocover.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 180e72e074f66f0ededb6b8556ae89d1093d85fcb1d4906349ce18aa491902d1

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:59 GMT
server: Apache
accept-ranges: bytes
etag: "4619a9-1271-5d0eeef4c1573"
content-length: 4721
content-type: image/png

GET
H2 200 social-i.png
www.everdrytoledo.com/images/ 2 KB
2 KB 76ms
75ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/social-i.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: f8229e67137ae552c5cae4924348f4b5cd1c9b67061f1fe5ceac8ed9ccd2d5a5

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:52:11 GMT
server: Apache
accept-ranges: bytes
etag: "4619d8-6ce-5d0eef00eaefe"
content-length: 1742
content-type: image/png

GET
H2 200 social-h.png
www.everdrytoledo.com/images/ 1 KB
1 KB 76ms
70ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/social-h.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: fd2561151503b0565e82296b096d89fccb328a67197e15e39782f52837547af0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:52:11 GMT
server: Apache
accept-ranges: bytes
etag: "4619d7-462-5d0eef009ffbf"
content-length: 1122
content-type: image/png

GET
H2 200 social-f.png
www.everdrytoledo.com/images/ 791 B
844 B 90ms
67ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/social-f.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: c64f3ea7d63cfc8c30b4babbcef666b5e71e42930f5c63c13ba7075e9ed84f0f

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:52:11 GMT
server: Apache
accept-ranges: bytes
etag: "4619d5-317-5d0eef0031245"
content-length: 791
content-type: image/png

GET
H2 200 EVD_-_Map_JPG.jpg
www.everdrytoledo.com/images/ 183 KB
184 KB 109ms
87ms Image
image/jpeg 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/EVD_-_Map_JPG.jpg
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: a2bd541c2fab5608a8ac1a42feee51581f1162d6396bb3197f67be22c051b865

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Fri, 07 Apr 2023 19:37:42 GMT
server: Apache
accept-ranges: bytes
etag: "46120a-2ddf4-5f8c4289ef79c"
content-length: 187892
content-type: image/jpeg

GET
H2 200 clogo1.png
www.everdrytoledo.com/images/ 5 KB
5 KB 111ms
90ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo1.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: d818a9252e8915467a618985f34e14ccd939334bc270bf85bbfee2a14f63fb5c

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:47 GMT
server: Apache
accept-ranges: bytes
etag: "461977-149a-5d0eeee9a7f79"
content-length: 5274
content-type: image/png

GET
H2 200 clogo2.png
www.everdrytoledo.com/images/ 3 KB
3 KB 90ms
69ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo2.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 0de84bd0cb55a27c12de38ca6cd303ac37057a67fd8651f1cac34ac8cf14efb4

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:47 GMT
server: Apache
accept-ranges: bytes
etag: "461978-bb5-5d0eeee9a77a9"
content-length: 2997
content-type: image/png

GET
H2 200 clogo3.png
www.everdrytoledo.com/images/ 6 KB
6 KB 229ms
208ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo3.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 00b1fa738898c3fc032b09b0c575220587b9a47d6688aa1ad2d61253fa474e75

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:47 GMT
server: Apache
accept-ranges: bytes
etag: "461979-169a-5d0eeeea13e13"
content-length: 5786
content-type: image/png

GET
H2 200 clogo8.png
www.everdrytoledo.com/images/ 4 KB
4 KB 228ms
208ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo8.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 4acefc43abfdd9ab55c63ce101f1a790f6b7480a9816c98533d8e355f6ead2ad

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:48 GMT
server: Apache
accept-ranges: bytes
etag: "46197e-1160-5d0eeeeaee257"
content-length: 4448
content-type: image/png

GET
H2 200 clogo4.png
www.everdrytoledo.com/images/ 5 KB
5 KB 369ms
347ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo4.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 388a3edc5a8e432eaa5c7ab9248c0544dfced9a759b3768bd66e3285c61345e0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:47 GMT
server: Apache
accept-ranges: bytes
etag: "46197a-1350-5d0eeeea1690b"
content-length: 4944
content-type: image/png

GET
H2 200 clogo5.png
www.everdrytoledo.com/images/ 4 KB
4 KB 230ms
208ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo5.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 5acc0061b8ef5dbe2f82be87638b3ed436e0d8f98dc556911b0af3910cbf7717

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:48 GMT
server: Apache
accept-ranges: bytes
etag: "46197b-10ac-5d0eeeea8141d"
content-length: 4268
content-type: image/png

GET
H2 200 clogo6.png
www.everdrytoledo.com/images/ 4 KB
4 KB 236ms
215ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo6.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: b8e9a0ea9f220ce7be4ffb3988d6235d3a594d4cf8a5c1df7e218c9e60db9ffc

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:48 GMT
server: Apache
accept-ranges: bytes
etag: "46197c-e07-5d0eeeea80c4d"
content-length: 3591
content-type: image/png

GET
H2 200 clogo7.png
www.everdrytoledo.com/images/ 7 KB
7 KB 237ms
216ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo7.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 1fc0e3d55c25cfc14b5086140fc6748d7a37d5c7ec12079ee6150f0373020cf8

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:48 GMT
server: Apache
accept-ranges: bytes
etag: "46197d-1a15-5d0eeeeaede6f"
content-length: 6677
content-type: image/png

GET
H2 200 main-js.min.js Show response
www.everdrytoledo.com/scripts/ 37 KB
10 KB 231ms
208ms Script
text/javascript 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everdrytoledo.com/scripts/main-js.min.js
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 9f13befc2717836461e62408c795c96d0470e56388c2e605013f16d750c1b1e7

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
content-encoding: br
last-modified: Mon, 24 Apr 2023 21:43:03 GMT
server: Apache
etag: "461232-9470-5fa1be43ec75d-br"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 9823

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/369715349/7981b1347375195d3d30/12/ 40 KB
12 KB 115ms
44ms Script
text/javascript 99.84.108.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.callrail.com/companies/369715349/7981b1347375195d3d30/12/swap.js

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.108.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-108-3.iad79.r.cloudfront.net

Software

Resource Hash

f54f96531b477d526e3f16834d2bdf624f2814310e5af68fd15af62fd3a5807b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD79-C2
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 30b09e9f-1ecc-43fb-ae67-f36e54c8dbd6
x-runtime: 0.009869
referrer-policy: strict-origin-when-cross-origin
etag: W/"f54f96531b477d526e3f16834d2bdf62"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: gXoAgf0kN0ByEBlKsrXzRuRTPxDI_wsS88n55m38fcHfb38sh2lzWQ==

GET
H2

200

starV6.gif
jelly-v6.mdhv.io/v1/
Redirect Chain

https://jelly.mdhv.io/v1/star.gif?pid=46bp8a86iQM0NwRBMyXT7pLdNkZR&src=mh&evt=hi%3Chttps://linkprotect.cudasvc.com/url?a=https%3a%2f%2fjelly.mdhv.io%2fv1%2fstar.gif%3fpid%3d46bp8a86iQM0NwRBMyXT7pLd...
https://jelly-v6.mdhv.io/v1/starV6.gif?c=E%2C1%2CyrlLHxEq-WYUyw9ngtKfOxxk7Ml6IepyFMddlhCTGwhclY55dMZWFdSVm-BTYjlgZ1j8TDDX83GOCA0k2XjP_Knjy3PU4CiAfPwOOx2ROoOD&evt=hi%3Chttps%3A%2F%2Flinkprotect.cuda...

43 B
235 B

121ms
40ms

Image
image/gif

2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jelly-v6.mdhv.io/v1/starV6.gif?c=E%2C1%2CyrlLHxEq-WYUyw9ngtKfOxxk7Ml6IepyFMddlhCTGwhclY55dMZWFdSVm-BTYjlgZ1j8TDDX83GOCA0k2XjP_Knjy3PU4CiAfPwOOx2ROoOD&evt=hi%3Chttps%3A%2F%2Flinkprotect.cudasvc.com%2Furl%3Fa%3Dhttps%3A%2F%2Fjelly.mdhv.io%2Fv1%2Fstar.gif%3Fpid%3D46bp8a86iQM0NwRBMyXT7pLdNkZR%26src%3Dmh%26evt%3Dhi&pid=46bp8a86iQM0NwRBMyXT7pLdNkZR&src=mh&tx=bbf94a44-6a8b-40ad-9df7-09063a0e22a4&typo=1%3E
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:35 GMT
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: ee85709d6c5596de33106f13aee7b8da
cache-control: no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
content-length: 43
expires: -1

Redirect headers

location: https://jelly-v6.mdhv.io/v1/starV6.gif?c=E%2C1%2CyrlLHxEq-WYUyw9ngtKfOxxk7Ml6IepyFMddlhCTGwhclY55dMZWFdSVm-BTYjlgZ1j8TDDX83GOCA0k2XjP_Knjy3PU4CiAfPwOOx2ROoOD&evt=hi%3Chttps%3A%2F%2Flinkprotect.cudasvc.com%2Furl%3Fa%3Dhttps%3A%2F%2Fjelly.mdhv.io%2Fv1%2Fstar.gif%3Fpid%3D46bp8a86iQM0NwRBMyXT7pLdNkZR%26src%3Dmh%26evt%3Dhi&pid=46bp8a86iQM0NwRBMyXT7pLdNkZR&src=mh&tx=bbf94a44-6a8b-40ad-9df7-09063a0e22a4&typo=1%3E
x-cloud-trace-context: 2361a0d493e6643c08a90ba939e1ed0f
date: Sat, 27 Jul 2024 13:18:35 GMT
server: Google Frontend
content-length: 465
content-type: text/html; charset=utf-8

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 70ms
18ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;1,400;1,500&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Oswald:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.everdrytoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 09:49:52 GMT
x-content-type-options: nosniff
age: 12523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jul 2025 09:49:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 76ms
16ms Script
text/javascript 2607:f8b0:4004:c0b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 27 Jul 2024 11:50:35 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5280
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 27 Jul 2024 13:50:35 GMT

GET
H2 200 hotjar-277084.js Show response
static.hotjar.com/c/ 11 KB
5 KB 153ms
90ms Script
application/javascript 18.160.41.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-277084.js?sv=5

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.41.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-41-58.iad55.r.cloudfront.net

Software

Resource Hash

af2a7683946309077fe69509464fe22a6d17f314bea66b93bec84d8a34440503

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8bf94e29f889f8d0076c4502ae008b58.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
etag: W/d4822e57914ea0e8019e515a5a5ac598
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 3ZF8VGlp6EjoYvN-CNZwXQLZ0D3ORuG4uDPKgG3E5UY_0XMzxOuHbA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 265 KB
94 KB 106ms
66ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5B4KWRK

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b27e48a468adec154e187e5919bd0deb057a0c7b67c758a1adfbc7b22af4f3b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96158
x-xss-protection: 0
last-modified: Sat, 27 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Jul 2024 13:18:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 70ms
16ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 27 Jul 2024 13:18:35 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=12, mss=1328, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 4Pocz7ASutLuJv97HHrl4CmBqwrsmiDayH5vhlOMImO0VJj+7LtFlQQJ36NtWPMDpBnulpaLuYqen3xbLpfUHw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 default Show response
embed.tawk.to/5dfa8e2643be710e1d22b534/ 2 KB
1 KB 46ms
24ms Script
application/x-javascript 2606:4700:3035::ac43:821e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5dfa8e2643be710e1d22b534/default

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:821e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b95dcb6aa49605407feeb211c8731eed0ad442f195389b77e085d07c13113846

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
Origin: https://www.everdrytoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3195
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"stable-v4-66909c6d5c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mmPijo0d8sx99n0vEwMnXSJ7tkmH2A6jRz1KWOugUM2AgPjXdeFRESI%2B7kXj9sHNFk3LcSQnJW4F81xSJ239f11ATwQlEmO%2BjVf7FoMRc4YCiL5opRh3e76WLmzyeUfDc8k6fgJz0Sub1tEq"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 8a9cea90fe8842e3-EWR

GET
H2 200 5fbp3hx5jj Show response
www.clarity.ms/tag/ 1 KB
1 KB 271ms
119ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/5fbp3hx5jj
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b02fd4051347131f272a14acbc590bfff7fe11261c14867eb6e36a6b3fce75b8

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Sat, 27 Jul 2024 13:18:35 GMT
x-azure-ref: 20240727T131835Z-15c77d898446fpkqx5ubs2k22s00000003ag000000005fz6
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1166
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H/1.1 200
OK tv2track.js Show response
collector-11638.tvsquared.com/ 20 KB
9 KB 197ms
26ms Script
application/javascript 3.139.167.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-11638.tvsquared.com/tv2track.js
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.167.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-167-176.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 13:18:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Feb 2024 15:15:43 GMT
Server: nginx
ETag: "65d3709f-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Sat, 27 Jul 2024 13:28:35 GMT

GET
H2 200 headerbg.png
www.everdrytoledo.com/images/ 423 B
476 B 228ms
217ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/headerbg.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/layout.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: c03cab2da8694a8c7c11a655d47ea6af63dc64a0fe5aca8ecd655c93cbf871c1

Request headers

Referer: https://www.everdrytoledo.com/css/layout.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:56 GMT
server: Apache
accept-ranges: bytes
etag: "46199e-1a7-5d0eeef21964b"
content-length: 423
content-type: image/png

GET
H2 200 headerbg1.jpg
www.everdrytoledo.com/images/ 10 KB
10 KB 224ms
213ms Image
image/jpeg 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/headerbg1.jpg
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/layout.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: abec485aba2695c5af0a73e5a8b53d14333f7b5d24aba4ff6218976e14ff3e7b

Request headers

Referer: https://www.everdrytoledo.com/css/layout.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:56 GMT
server: Apache
accept-ranges: bytes
etag: "46199f-27c5-5d0eeef2923ee"
content-length: 10181
content-type: image/jpeg

GET
H2 200 socialbg.png
www.everdrytoledo.com/images/ 711 B
785 B 218ms
208ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/socialbg.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/layout.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 6fc4165db7057c337a443a0ed6b40f9b79a65982b1337f4cc2175d82a323f475

Request headers

Referer: https://www.everdrytoledo.com/css/layout.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:52:10 GMT
server: Apache
accept-ranges: bytes
etag: "4619dc-2c7-5d0eeeffc20e2"
content-length: 711
content-type: image/png

GET
H2 200 menuarrow.png
www.everdrytoledo.com/images/ 165 B
240 B 224ms
214ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/menuarrow.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/layout.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: bf5a4f90ad9e5bd34a401cf1cd0e9dd8e8592cef06ab83dc2adf88b8f1d7ea04

Request headers

Referer: https://www.everdrytoledo.com/css/layout.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:52:00 GMT
server: Apache
accept-ranges: bytes
etag: "4619af-a5-5d0eeef60ab19"
content-length: 165
content-type: image/png

GET
H2 200 bg18.jpg
www.everdrytoledo.com/images/ 144 KB
144 KB 216ms
207ms Image
image/jpeg 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/bg18.jpg
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 1769c5aac95e2de7ff0d4c6fb0663515faa9450da1d54274b51a3133bc6b1103

Request headers

Referer: https://www.everdrytoledo.com/css/index.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:44 GMT
server: Apache
accept-ranges: bytes
etag: "461961-2403e-5d0eeee6a14a8"
content-length: 147518
content-type: image/jpeg

GET
H2 200 greybg.png
www.everdrytoledo.com/images/ 153 B
228 B 216ms
207ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/greybg.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 872d131778bdf2d36ae3906566cb2fab649363fccd925b4b4363814a56b28a30

Request headers

Referer: https://www.everdrytoledo.com/css/index.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:56 GMT
server: Apache
accept-ranges: bytes
etag: "46199d-99-5d0eeef21964b"
content-length: 153
content-type: image/png

GET
H2 200 bluebg.jpg
www.everdrytoledo.com/images/ 38 KB
38 KB 216ms
208ms Image
image/jpeg 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/bluebg.jpg
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: bf77a0d13bba264d094322e910c1654795260b03d4b6181fe3746f25d010a0a7

Request headers

Referer: https://www.everdrytoledo.com/css/index.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:44 GMT
server: Apache
accept-ranges: bytes
etag: "46196a-9652-5d0eeee6a14a8"
content-length: 38482
content-type: image/jpeg

GET
H2 200 bluegradient.png
www.everdrytoledo.com/images/ 882 B
958 B 357ms
349ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/bluegradient.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: ee2f6805081683155c0503455f4a355cb37ee499fead434db8d8e1187f8a6181

Request headers

Referer: https://www.everdrytoledo.com/css/index.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:45 GMT
server: Apache
accept-ranges: bytes
etag: "461970-372-5d0eeee7e96c7"
content-length: 882
content-type: image/png

GET
H2 200 subbg1.png
www.everdrytoledo.com/images/ 1 KB
1 KB 223ms
215ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/subbg1.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 54e8cd7005293319acb0316ea5986b19128fca3f25b4fc987696ef27358fa509

Request headers

Referer: https://www.everdrytoledo.com/css/index.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:52:13 GMT
server: Apache
accept-ranges: bytes
etag: "4619e2-412-5d0eef02b0ce1"
content-length: 1042
content-type: image/png

GET
H2 200 bullet.png
www.everdrytoledo.com/images/ 847 B
900 B 223ms
213ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/bullet.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 492df85d7a5b00dded1cdb5ad0020140c074a1cad582fbbdfc0b5f6ca958df30

Request headers

Referer: https://www.everdrytoledo.com/css/index.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:47 GMT
server: Apache
accept-ranges: bytes
etag: "461975-34f-5d0eeee93bcf6"
content-length: 847
content-type: image/png

GET
H2 200 subbg2.png
www.everdrytoledo.com/images/ 425 B
478 B 357ms
346ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/subbg2.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: e1445ca7317c0b4f669b5d1a12caf5bc7222ac5e2a218fe66dd22a06d0f381e4

Request headers

Referer: https://www.everdrytoledo.com/css/index.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:52:13 GMT
server: Apache
accept-ranges: bytes
etag: "4619e3-1a9-5d0eef02c9b53"
content-length: 425
content-type: image/png

GET
H2 200 arrow.png
www.everdrytoledo.com/images/ 731 B
807 B 355ms
343ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/arrow.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/layout.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: a99650a40ef77313e862f73528a622a6dd704df298714864af7c543c824b97b7

Request headers

Referer: https://www.everdrytoledo.com/css/layout.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:52:27 GMT
server: Apache
accept-ranges: bytes
etag: "461946-2db-5d0eef0f6ca52"
content-length: 731
content-type: image/png

GET
H2 200 bluebg2.jpg
www.everdrytoledo.com/images/ 41 KB
41 KB 222ms
211ms Image
image/jpeg 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/bluebg2.jpg
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 3447ae1ac195cbdf9d7d53dc3cde7d5ae9f776f6708f82345a875ba4c9c7a5d9

Request headers

Referer: https://www.everdrytoledo.com/css/index.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:44 GMT
server: Apache
accept-ranges: bytes
etag: "46196b-a338-5d0eeee713cbb"
content-length: 41784
content-type: image/jpeg

GET
H2 200 divider1.png
www.everdrytoledo.com/images/ 674 B
749 B 356ms
345ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/divider1.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: b05c9a3ffa71db2b2879876cbf6e85fb24aa74cf64ade09ec8b676f7703850ee

Request headers

Referer: https://www.everdrytoledo.com/css/index.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:51 GMT
server: Apache
accept-ranges: bytes
etag: "461988-2a2-5d0eeeed2607c"
content-length: 674
content-type: image/png

GET
H2 200 bg1.jpg
www.everdrytoledo.com/images/ 47 KB
47 KB 352ms
341ms Image
image/jpeg 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/bg1.jpg
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 32ceb0f601efe039eedf4d5e99694f41c6364205100271271a3ded478f70d718

Request headers

Referer: https://www.everdrytoledo.com/css/index.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:39 GMT
server: Apache
accept-ranges: bytes
etag: "461958-bc01-5d0eeee1dc50e"
content-length: 48129
content-type: image/jpeg

GET
H2 200 bluebg3.jpg
www.everdrytoledo.com/images/ 63 KB
63 KB 354ms
344ms Image
image/jpeg 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/bluebg3.jpg
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/css/index.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: f05a0f5668e613aa998e827c54aad9f1ffb288db4a62ae009ff73c39f9630f9b

Request headers

Referer: https://www.everdrytoledo.com/css/index.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:44 GMT
server: Apache
accept-ranges: bytes
etag: "46196c-fa82-5d0eeee7203f4"
content-length: 64130
content-type: image/jpeg

GET
H2 200 SlGWmQSNjdsmc35JDF1K5GRweDs1Zw.woff2
fonts.gstatic.com/s/ebgaramond/v27/ 41 KB
41 KB 21ms
17ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v27/SlGWmQSNjdsmc35JDF1K5GRweDs1Zw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa8041d387b4d58cde63480a53ec12bbde608e93d13698f49b3e2adaf994610e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.everdrytoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:05:26 GMT
x-content-type-options: nosniff
age: 789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42000
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:34:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jul 2025 13:05:26 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v53/ 21 KB
21 KB 28ms
25ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.everdrytoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 16:20:59 GMT
x-content-type-options: nosniff
age: 593856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21444
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jul 2025 16:20:59 GMT

GET
H2 200 SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2
fonts.gstatic.com/s/ebgaramond/v27/ 21 KB
21 KB 31ms
29ms Font
font/woff2 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v27/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

562fb60b9d94f089e2e35c61b86e4c5c135bb96cb814d5e7b32b60427f10a0f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.everdrytoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 10:37:03 GMT
x-content-type-options: nosniff
age: 9692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21720
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jul 2025 10:37:03 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
213 B 28ms
24ms XHR
text/plain 2607:f8b0:4004:c0b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=208121685&t=pageview&_s=1&dl=https%3A%2F%2Fwww.everdrytoledo.com%2F&ul=en-us&de=UTF-8&dt=Basement%20Waterproofing%20in%20Toledo%2C%20OH%20%7C%20EverDry%20Toledo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2004391468&gjid=1075906934&cid=1335708255.1722086316&tid=UA-763471-7&_gid=1772630722.1722086316&_r=1&_slc=1&z=4662883

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.everdrytoledo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 507119900119770 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 194ms
191ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/507119900119770?v=2.9.162&r=stable&domain=www.everdrytoledo.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b33e722d188845590196eac6d9e14391b616930816045e58a535c2bf7ab1c5d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 27 Jul 2024 13:18:36 GMT
document-policy: force-load-at-top
x-fb-server-load: 76
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=65, mss=1328, tbw=64216, tp=-1, tpl=-1, uplat=177, ullat=0
pragma: public
x-fb-debug: INiieqeeQjtMwNTTj4YT0JshvU6o2z7M/4xeXdfBaXwtc68UZWTrYmK1/bO6QWHViEAc4ZmgMNyx6D7u9CstKQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1059203820/ 2 KB
1 KB 68ms
34ms Script
text/javascript 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1059203820/?random=1722086315955&cv=11&fst=1722086315955&bg=ffffff&guid=ON&async=1&gtm=45be47o0v9108282166za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.everdrytoledo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Basement%20Waterproofing%20in%20Toledo%2C%20OH%20%7C%20EverDry%20Toledo&npa=0&pscdl=noapi&auid=70772013.1722086316&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1059203820

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f5290d52117f3ef537ec0fc0382d4ad26bc9d47e5e1bf05b06465c88ac18324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1397
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.6c69b5997f314810cfe8.js Show response
script.hotjar.com/ 223 KB
56 KB 94ms
17ms Script
application/javascript 99.84.191.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6c69b5997f314810cfe8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-277084.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-81.iad89.r.cloudfront.net

Software

Resource Hash

228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a97d638d4e395a6f27b927572cf3bfda.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 358649
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56293
last-modified: Tue, 23 Jul 2024 09:40:30 GMT
etag: "30c513084f4759247a82ab90e6ffe4cb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: S49udp9NicEbKyvGWFcwxcxuybRFU4ibGlqBK4j5jlNBunJpw3J4Dg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 355 KB
109 KB 46ms
43ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N20EEN9PR4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B4KWRK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05364312efc41fb8765f2cf33103f91c3a6dafb8040378e66e8924d3c366d07e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111744
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 27 Jul 2024 13:18:36 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 226 KB
82 KB 34ms
32ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-AW-11056419425&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B4KWRK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

478a4b5c7d0bc928843c86eb76e79519f856a6f24a05931f77ed01ff863fc18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83365
x-xss-protection: 0
last-modified: Sat, 27 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Jul 2024 13:18:36 GMT

GET
H2 200 lptm.js Show response
ftlaunchpad.ai/ 4 KB
2 KB 124ms
30ms Script
application/javascript 13.59.189.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ftlaunchpad.ai/lptm.js?id=e8fd8e
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B4KWRK
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.59.189.131 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-59-189-131.us-east-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 0afd31c93af754b8d62b4b9e7aad94f46ec99ad6743fe779fd5de50ca27240c4

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: gzip
last-modified: Sat, 27 Jul 2024 13:18:36 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length: 1674

GET
H/1.1 200
OK tv2track.php
collector-11638.tvsquared.com/ 42 B
276 B 24ms
23ms Image
image/gif 3.139.167.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-11638.tvsquared.com/tv2track.php?action_name=Basement%20Waterproofing%20in%20Toledo%2C%20OH%20%7C%20EverDry%20Toledo&idsite=TV-8181366318-1&rec=1&r=284679&h=3&m=18&s=36&url=https%3A%2F%2Fwww.everdrytoledo.com%2F&_id=2b3c15ef1a1df3e7&_idts=1722086316&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=79
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.167.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-167-176.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Sat, 27 Jul 2024 13:18:36 GMT
Server: nginx
Connection: keep-alive
Request-Id: d1ffd980-6427-4594-b2c6-225a0d151941
Content-Length: 42
Content-Type: image/gif

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.41/ 62 KB
26 KB 18ms
17ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.41/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/5fbp3hx5jj
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: br
last-modified: Fri, 26 Jul 2024 23:49:00 GMT
etag: W/"0x8DCADCD85F8E42A"
vary: Accept-Encoding
x-azure-ref: 20240727T131836Z-15c77d898446fpkqx5ubs2k22s00000003ag000000005fzp
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: eed6a3ae-501e-0029-5400-e010af000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 logoblue.png
www.everdrytoledo.com/images/ 9 KB
9 KB 71ms
70ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/logoblue.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 1188736df9c539e7fc1c316ca49479fc7284573acc3da41c3d88e27b9686d24c

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:36 GMT
last-modified: Tue, 16 Nov 2021 21:51:58 GMT
server: Apache
accept-ranges: bytes
etag: "4619a8-24e0-5d0eeef454b20"
content-length: 9440
content-type: image/png

GET
H2 200 clogo1.png
www.everdrytoledo.com/images/ 5 KB
0 2ms
1ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo1.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: d818a9252e8915467a618985f34e14ccd939334bc270bf85bbfee2a14f63fb5c

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:47 GMT
server: Apache
accept-ranges: bytes
etag: "461977-149a-5d0eeee9a7f79"
content-length: 5274
content-type: image/png

GET
H2 200 clogo2.png
www.everdrytoledo.com/images/ 3 KB
0 3ms
3ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo2.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 0de84bd0cb55a27c12de38ca6cd303ac37057a67fd8651f1cac34ac8cf14efb4

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:47 GMT
server: Apache
accept-ranges: bytes
etag: "461978-bb5-5d0eeee9a77a9"
content-length: 2997
content-type: image/png

GET
H2 200 clogo3.png
www.everdrytoledo.com/images/ 6 KB
0 4ms
4ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo3.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 00b1fa738898c3fc032b09b0c575220587b9a47d6688aa1ad2d61253fa474e75

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:47 GMT
server: Apache
accept-ranges: bytes
etag: "461979-169a-5d0eeeea13e13"
content-length: 5786
content-type: image/png

GET
H2 200 clogo8.png
www.everdrytoledo.com/images/ 4 KB
0 4ms
4ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo8.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 4acefc43abfdd9ab55c63ce101f1a790f6b7480a9816c98533d8e355f6ead2ad

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:48 GMT
server: Apache
accept-ranges: bytes
etag: "46197e-1160-5d0eeeeaee257"
content-length: 4448
content-type: image/png

GET
H2 200 clogo4.png
www.everdrytoledo.com/images/ 5 KB
0 4ms
4ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo4.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 388a3edc5a8e432eaa5c7ab9248c0544dfced9a759b3768bd66e3285c61345e0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:47 GMT
server: Apache
accept-ranges: bytes
etag: "46197a-1350-5d0eeeea1690b"
content-length: 4944
content-type: image/png

GET
H2 200 clogo5.png
www.everdrytoledo.com/images/ 4 KB
0 4ms
4ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo5.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 5acc0061b8ef5dbe2f82be87638b3ed436e0d8f98dc556911b0af3910cbf7717

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:48 GMT
server: Apache
accept-ranges: bytes
etag: "46197b-10ac-5d0eeeea8141d"
content-length: 4268
content-type: image/png

GET
H2 200 clogo6.png
www.everdrytoledo.com/images/ 4 KB
0 4ms
4ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo6.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: b8e9a0ea9f220ce7be4ffb3988d6235d3a594d4cf8a5c1df7e218c9e60db9ffc

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:48 GMT
server: Apache
accept-ranges: bytes
etag: "46197c-e07-5d0eeeea80c4d"
content-length: 3591
content-type: image/png

GET
H2 200 clogo7.png
www.everdrytoledo.com/images/ 7 KB
0 4ms
4ms Image
image/png 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.everdrytoledo.com/images/clogo7.png
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 1fc0e3d55c25cfc14b5086140fc6748d7a37d5c7ec12079ee6150f0373020cf8

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:35 GMT
last-modified: Tue, 16 Nov 2021 21:51:48 GMT
server: Apache
accept-ranges: bytes
etag: "46197d-1a15-5d0eeeeaede6f"
content-length: 6677
content-type: image/png

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-11056419425/ 3 KB
1 KB 40ms
39ms Script
text/javascript 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-11056419425/?random=1722086316162&cv=11&fst=1722086316162&bg=ffffff&guid=ON&async=1&gtm=45be47o0z879762503za201zb79762503&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.everdrytoledo.com%2F&label=Findlay%20Courier&hn=www.googleadservices.com&frm=0&tiba=Basement%20Waterproofing%20in%20Toledo%2C%20OH%20%7C%20EverDry%20Toledo&npa=0&pscdl=noapi&auid=70772013.1722086316&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-11056419425&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76ae92848b3a4704260b75e6c67ea71cc32b89cf082701a6449d87646805b23f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1438
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1059203820/ 42 B
64 B 73ms
28ms Image
image/gif 2607:f8b0:4004:c08::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1059203820/?random=1722086315955&cv=11&fst=1722085200000&bg=ffffff&guid=ON&async=1&gtm=45be47o0v9108282166za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.everdrytoledo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Basement%20Waterproofing%20in%20Toledo%2C%20OH%20%7C%20EverDry%20Toledo&npa=0&pscdl=noapi&auid=70772013.1722086316&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLFwiLhrKdNugWWK_vMIYXZGOTEYIBYw&random=2752198309&rmt_tld=0&ipr=y

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2607:f8b0:4004:c0b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=208121685&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.everdrytoledo.com%2F&ul=en-us&de=UTF-8&dt=Basement%20Waterproofing%20in%20Toledo%2C%20OH%20%7C%20EverDry%20Toledo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1umiwm2&_u=aHBAAEABAAAAACAAI~&jid=&gjid=&cid=1335708255.1722086316&tid=UA-763471-7&_gid=1772630722.1722086316&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F5fbp3hx5jj%2F7p6ty7%2F1umiwm2&z=450759418

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 05:59:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26346
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 672398696523555 Show response
connect.facebook.net/signals/config/ 34 KB
5 KB 140ms
139ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/672398696523555?v=2.9.162&r=stable&domain=www.everdrytoledo.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C121%2C223%2C157%2C113%2C129%2C117%2C146

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bbfabb2c7c8ce7cfb04aafddbf78af11fe2dc032f8eb903c196b3e7cf57428e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 27 Jul 2024 13:18:36 GMT
document-policy: force-load-at-top
x-fb-server-load: 40
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=23, mss=1232, tbw=4616, tp=11, tpl=0, uplat=123, ullat=0
pragma: public
x-fb-debug: cY45xxx+AZwF7B9msFos4uI5DXN0M1BhCXitXpKdymFhDB94h3dlEbwMQuAkXzzwxOQFcwyV/VVs3q4l/axsmw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 58ms
15ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=507119900119770&ev=PageView&dl=https%3A%2F%2Fwww.everdrytoledo.com%2F&rl=&if=false&ts=1722086316243&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722086316240.699506141751239181&ler=empty&cdl=API_unavailable&it=1722086315901&coo=false&rqm=GET

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1328, tbw=2819, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 27 Jul 2024 13:18:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 151ms
108ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=507119900119770&ev=PageView&dl=https%3A%2F%2Fwww.everdrytoledo.com%2F&rl=&if=false&ts=1722086316243&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722086316240.699506141751239181&ler=empty&cdl=API_unavailable&it=1722086315901&coo=false&rqm=FGET

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sat, 27 Jul 2024 13:18:36 GMT
document-policy: force-load-at-top
x-fb-server-load: 41
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7396304408419379179", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=14, mss=1328, tbw=3137, tp=-1, tpl=-1, uplat=94, ullat=0
pragma: no-cache
x-fb-debug: cARSeKUagDDeuDlL9cXrKiqkz+XA1Ol7szYtok4l/cGCBxSAAelt1rqO+NcfA+dBbjY9YCAO5xFu63ebVf9rAw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7396304408419379179"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 238dd35a-7f23-4c26-ba6b-c81e327c485b Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 59ms
17ms Script
application/javascript 34.86.70.109
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/238dd35a-7f23-4c26-ba6b-c81e327c485b
Requested by: Host: ftlaunchpad.ai
URL: https://ftlaunchpad.ai/lptm.js?id=e8fd8e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 109.70.86.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: ed9ea4a28021f2f7667682518ed5eac0cf4eaeb788a0c3f66088c808faf4b733

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F-YUYXOM1rAQNGlmyVFC
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 hhtransmute.js Show response
build.1pdata.app/ 3 KB
1 KB 113ms
28ms Script
application/javascript 13.59.134.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://build.1pdata.app/hhtransmute.js?ADFogBEYUFR9wVXFAUOAlX
Requested by: Host: ftlaunchpad.ai
URL: https://ftlaunchpad.ai/lptm.js?id=e8fd8e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.59.134.249 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-59-134-249.us-east-2.compute.amazonaws.com
Software: Apache /
Resource Hash: bf75ecd90a07c15655cccf7e92c43c0b502ce4b6a394d4ee87daed8ac57ffd5b

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: gzip
server: Apache
etag: 3080767469
content-length: 1271
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
101 KB 52ms
52ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W4Q2VSYWXC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1059203820

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

701f9292494108faa9009983817e1289dbc2fa2e88d75d24ebc72472f9019619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103539
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 27 Jul 2024 13:18:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
101 KB 48ms
47ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W4Q2VSYWXC

Requested by

Host: ftlaunchpad.ai
URL: https://ftlaunchpad.ai/lptm.js?id=e8fd8e

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65566333567bd9203a3182e218cad94288333dd5586a5b7502dce63d3f585e3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103576
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 27 Jul 2024 13:18:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
82 KB 46ms
46ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11305237830&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1059203820

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba2e4d50628fe9ae84b1c2c842352b9fb0b40fd76a1c0ecb7fc7b591bd51e6a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83463
x-xss-protection: 0
last-modified: Sat, 27 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Jul 2024 13:18:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 34ms
33ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11305237830

Requested by

Host: ftlaunchpad.ai
URL: https://ftlaunchpad.ai/lptm.js?id=e8fd8e

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

368953b4e5e514e98de66323bf0098dbc55850cf9198e9594182767b793a0a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83387
x-xss-protection: 0
last-modified: Sat, 27 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Jul 2024 13:18:36 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 46ms
22ms Fetch
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-N20EEN9PR4&gtm=45je47o0v868742269z879762503za200zb79762503&_p=1722086315636&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=1335708255.1722086316&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722086316&sct=1&seg=0&dl=https%3A%2F%2Fwww.everdrytoledo.com%2F&dt=Basement%20Waterproofing%20in%20Toledo%2C%20OH%20%7C%20EverDry%20Toledo&en=page_view&_fv=1&_ss=1&tfd=1616
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N20EEN9PR4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.everdrytoledo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 58ms
22ms Ping
text/plain 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N20EEN9PR4&cid=1335708255.1722086316&gtm=45je47o0v868742269z879762503za200zb79762503&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N20EEN9PR4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.everdrytoledo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
285 B 116ms
65ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.everdrytoledo.com
Date: Sat, 27 Jul 2024 13:18:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H3 200 /
www.google.com/pagead/1p-user-list/AW-11056419425/ 42 B
64 B 31ms
30ms Image
image/gif 2607:f8b0:4004:c08::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-11056419425/?random=1722086316162&cv=11&fst=1722085200000&bg=ffffff&guid=ON&async=1&gtm=45be47o0z879762503za201zb79762503&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.everdrytoledo.com%2F&label=Findlay%20Courier&hn=www.googleadservices.com&frm=0&tiba=Basement%20Waterproofing%20in%20Toledo%2C%20OH%20%7C%20EverDry%20Toledo&npa=0&pscdl=noapi&auid=70772013.1722086316&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLMtC3MVqVhiDHbgf_w0QMTRk2RF4hZpLFyeGfmksRDWsOImRI&random=823299895&rmt_tld=0&ipr=y

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fullthrottlelims_pxl.gif
hits3.livemarketshoppers.com/ 43 B
275 B 101ms
28ms Image
image/gif 2600:1f16:f60:9203:8a67:f3da:af74:3d99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hits3.livemarketshoppers.com/fullthrottlelims_pxl.gif?c=3080767469&r=1722086316451-0.26109512479708785&f=&b=Mozilla/5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/126.0.0.0%20Safari/537.36&l=en-US&p=https%3A//www.everdrytoledo.com/&o=&s=7928&hs=&ss=1&ly=3&z=600
Requested by: Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:f60:9203:8a67:f3da:af74:3d99 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:36 GMT
last-modified: Sat, 27 Jul 2024 13:18:36 GMT
server: Apache
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length: 43
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H3 200 569843838500545 Show response
connect.facebook.net/signals/config/ 21 KB
3 KB 202ms
200ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/569843838500545?v=2.9.162&r=stable&domain=www.everdrytoledo.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C121%2C223%2C157%2C113%2C129%2C117%2C146%2C127%2C120

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ce51f5e671d6354363b4212c78062363d627079e6385bc20b225847c88cb297

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 27 Jul 2024 13:18:36 GMT
document-policy: force-load-at-top
x-fb-server-load: 51
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=30, mss=1232, tbw=12696, tp=20, tpl=0, uplat=186, ullat=0
pragma: public
x-fb-debug: we3Mww+rQidZFXPOhHstASj9cGUAOVsMxPPUMLZlrsHRHg6LLMvWR9DUUgwcB2jlWNLZxGSvm78575osAf6GaQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 17ms
16ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=672398696523555&ev=PageView&dl=https%3A%2F%2Fwww.everdrytoledo.com%2F&rl=&if=false&ts=1722086316458&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722086316240.699506141751239181&ler=empty&cdl=API_unavailable&cs_est=true&it=1722086315901&coo=false&rqm=GET

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=14, mss=1328, tbw=6477, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 27 Jul 2024 13:18:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
853 B 70ms
69ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=672398696523555&ev=PageView&dl=https%3A%2F%2Fwww.everdrytoledo.com%2F&rl=&if=false&ts=1722086316458&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722086316240.699506141751239181&ler=empty&cdl=API_unavailable&cs_est=true&it=1722086315901&coo=false&rqm=FGET

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sat, 27 Jul 2024 13:18:36 GMT
document-policy: force-load-at-top
x-fb-server-load: 43
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7396304409425775054", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=14, mss=1328, tbw=6623, tp=-1, tpl=-1, uplat=55, ullat=0
pragma: no-cache
x-fb-debug: CJuK/pVV2EyBQni4WGdNFWwa+G9ymotunv2BpUsUyKIb5IyfoA1byAd/Cp33kfDo16ZW6vI9T5/RV5x0mKTUNw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7396304409425775054"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11305237830/ 2 KB
1 KB 37ms
36ms Script
text/javascript 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11305237830/?random=1722086316475&cv=11&fst=1722086316475&bg=ffffff&guid=ON&async=1&gtm=45be47o0za200zb9108282166&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.everdrytoledo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Basement%20Waterproofing%20in%20Toledo%2C%20OH%20%7C%20EverDry%20Toledo&npa=0&pscdl=noapi&auid=70772013.1722086316&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11305237830&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afcfee88aa3d7bd1b9f259afb09100b713693b39d20832aa77fd56b67afef22b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1409
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 23ms
22ms Fetch
text/plain 2607:f8b0:4004:c0b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W4Q2VSYWXC&gtm=45je47o0v9137346116za200zb9108282166&_p=1722086315636&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=1335708255.1722086316&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722086316&sct=1&seg=0&dl=https%3A%2F%2Fwww.everdrytoledo.com%2F&dt=Basement%20Waterproofing%20in%20Toledo%2C%20OH%20%7C%20EverDry%20Toledo&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1733
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W4Q2VSYWXC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.everdrytoledo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11305237830/ 42 B
64 B 27ms
26ms Image
image/gif 2607:f8b0:4004:c08::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11305237830/?random=1722086316475&cv=11&fst=1722085200000&bg=ffffff&guid=ON&async=1&gtm=45be47o0za200zb9108282166&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.everdrytoledo.com%2F&hn=www.googleadservices.com&frm=0&tiba=Basement%20Waterproofing%20in%20Toledo%2C%20OH%20%7C%20EverDry%20Toledo&npa=0&pscdl=noapi&auid=70772013.1722086316&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLrYhoy0-wFRZxL_UKzsN6azzmgIyX4oTQmFnnYheXopgwAOE1&random=2918402775&rmt_tld=0&ipr=y

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1635007540318165 Show response
connect.facebook.net/signals/config/ 21 KB
3 KB 115ms
114ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1635007540318165?v=2.9.162&r=stable&domain=www.everdrytoledo.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C121%2C223%2C157%2C113%2C129%2C117%2C146%2C127%2C120

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb68981dc071e1c377d6345b01af883bad6375161a7e1e2853a16f528becf6f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 27 Jul 2024 13:18:36 GMT
document-policy: force-load-at-top
x-fb-server-load: 67
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=32, mss=1232, tbw=15912, tp=25, tpl=0, uplat=99, ullat=0
pragma: public
x-fb-debug: MPEpana+Ekxy8C+M1/uM6aG1ARiMZrAqJgoAjeV3Uf4by+F4/aBEOKgBHq4HDhDtvH6W3Z3Gyx78y9StBWGyow==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 16ms
15ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=569843838500545&ev=PageView&dl=https%3A%2F%2Fwww.everdrytoledo.com%2F&rl=&if=false&ts=1722086316666&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722086316240.699506141751239181&ler=empty&cdl=API_unavailable&it=1722086315901&coo=false&rqm=GET

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=23, mss=1232, tbw=4667, tp=12, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 27 Jul 2024 13:18:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 61ms
60ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=569843838500545&ev=PageView&dl=https%3A%2F%2Fwww.everdrytoledo.com%2F&rl=&if=false&ts=1722086316666&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722086316240.699506141751239181&ler=empty&cdl=API_unavailable&it=1722086315901&coo=false&rqm=FGET

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sat, 27 Jul 2024 13:18:36 GMT
document-policy: force-load-at-top
x-fb-server-load: 53
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7396304408571412966", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=23, mss=1232, tbw=5035, tp=15, tpl=0, uplat=45, ullat=0
pragma: no-cache
x-fb-debug: teDL7qQCLoFFP4uVHa5xCrvYP5GcKfi8gmZUPfLWT7QfGipTnjd2TUDjNEX1YvN8QeLMq/8PvAU0HdsqrZiLMg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7396304408571412966"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 14ms
14ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1635007540318165&ev=PageView&dl=https%3A%2F%2Fwww.everdrytoledo.com%2F&rl=&if=false&ts=1722086316787&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722086316240.699506141751239181&ler=empty&cdl=API_unavailable&it=1722086315901&coo=false&rqm=GET

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=26, mss=1232, tbw=8459, tp=21, tpl=0, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 27 Jul 2024 13:18:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 191ms
190ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1635007540318165&ev=PageView&dl=https%3A%2F%2Fwww.everdrytoledo.com%2F&rl=&if=false&ts=1722086316787&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722086316240.699506141751239181&ler=empty&cdl=API_unavailable&it=1722086315901&coo=false&rqm=FGET

Requested by

Host: www.everdrytoledo.com
URL: https://www.everdrytoledo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sat, 27 Jul 2024 13:18:36 GMT
document-policy: force-load-at-top
x-fb-server-load: 45
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7396304409352302178", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=26, mss=1232, tbw=8699, tp=24, tpl=0, uplat=175, ullat=0
pragma: no-cache
x-fb-debug: 5PeXEoi8GqWwN6eeEUeqattHvbX5xp1XxAP8TJ9SnUxRpBDKkrJw4JOJ4hQDM3PM7+6Q35+13KtE3tT/ey3oIA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7396304409352302178"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/66909c6d5c9/js/ 121 B
627 B 18ms
18ms Script
application/javascript 2606:4700:3035::ac43:821e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5dfa8e2643be710e1d22b534/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:821e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
Origin: https://www.everdrytoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:36 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1306416
x-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 03:01:26 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=55syMJEzcK6gnulLICtmYRIH03VRvD8uKNqR%2FGTO0VAHjG4Uo9n89weFZFAHLozttz7tTDSz948W5VTX3u1uUUOKwxROC5e2NS9TPuYG83lz8dcCX4sVthRfAFQdHZwcmLzK5JXRAOLepM1x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8a9cea992db142e3-EWR

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/66909c6d5c9/js/ 81 KB
32 KB 22ms
21ms Script
application/javascript 2606:4700:3035::ac43:821e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5dfa8e2643be710e1d22b534/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:821e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
Origin: https://www.everdrytoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 1306416
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 03:01:26 GMT
server: cloudflare
etag: W/"3b341e35b39f6195793ecaf5db7c1d63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9j1ZxXMHP2wVd%2FrNf9hPYBusWypZhePqrnp%2FFftuGPJ3S0HcGs41Jtis0w4eQ4ZAh5xWgINwnUmgQqrksFYz41xdliyjs4kwT5jrhaAr4gQYVlp13aS0A%2Fi4a6kBUhVmmrfnxsNOI7ggbv7n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8a9cea992db342e3-EWR

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/66909c6d5c9/js/ 212 KB
72 KB 28ms
27ms Script
application/javascript 2606:4700:3035::ac43:821e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5dfa8e2643be710e1d22b534/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:821e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
Origin: https://www.everdrytoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 1306416
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 03:01:26 GMT
server: cloudflare
etag: W/"77a40166698f808a0942865537165b0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUd1nlollMj7dV4Ys3Yji3sHbRVKZ9tlwUmeOQB0rP1Fku21oncchob7Cjmpel3PaKhLQLadQyfcXBBJeBMDalBzbYbZowSLOGCrmgRBXRZjKTp9LM86B44zUn71IrIyxnuNEXI2uvHs2zQL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8a9cea992db442e3-EWR

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/66909c6d5c9/js/ 222 KB
63 KB 28ms
28ms Script
application/javascript 2606:4700:3035::ac43:821e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5dfa8e2643be710e1d22b534/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:821e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d5d3565eaefe455bca4ace3e83c37cda7815373cdac3ba3f45f0680a079ac19

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
Origin: https://www.everdrytoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 1306415
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 03:01:26 GMT
server: cloudflare
etag: W/"69549fdedf7a66967bca1cff84df561e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XQbdakfqm92s9SIAsThXfNzSk%2F4YKRNYR7YuH7G31XlWQvnECvZrV4oxH8uuZLctZO3f7VndJT%2F7s7cY1l8jTkmoNRH7f0BrTe%2FMsTAJyGFfNeXbM6QS8%2BRc6hZiuhoIhe3%2BTnQn%2BMgcwmnV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8a9cea992db542e3-EWR

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/66909c6d5c9/js/ 2 KB
2 KB 49ms
49ms Script
application/javascript 2606:4700:3035::ac43:821e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5dfa8e2643be710e1d22b534/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:821e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

237b4750dad3793da8e8632bb02d1d60ac1651bd0e9aebcebdbf0f9b83dae835

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
Origin: https://www.everdrytoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 1306415
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 03:01:26 GMT
server: cloudflare
etag: W/"dca0ffe47071fb33643cea7919ce6e58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q43GvXfi2Myz7hH%2BIz3Y3pcDzL35ksTn%2FouNMBUTo0p%2BlFD84OsTrOXavi6Q9C7qjKnAyihOORo8N8Y9N2w8tfquSFBRY3Q%2BgZ78V8QGM6nvy6iWDUnfSyw6B1k1Q4GFdzFHXFVwpo4PKY4d"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8a9cea992db642e3-EWR

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/66909c6d5c9/js/ 151 B
656 B 19ms
18ms Script
application/javascript 2606:4700:3035::ac43:821e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5dfa8e2643be710e1d22b534/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:821e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
Origin: https://www.everdrytoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:36 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1306415
x-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 03:01:26 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a1gO1WTzGf8YwXoXV0%2FbAeTqwld2jK1gAQx%2BZcMd%2FGQw693STPwGDot8ObtwKCnuZRWQ9SDisXvwBzEggMnWTaiDc9KjkYCbnXFCCLX78ZyeaHkXvw8H%2BnSKRO290JbZdeRoIw6PNybkXlnT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8a9cea992db842e3-EWR

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C70F11A8232F4964A8A5F5E9B4BBAAB5&RedC=c.clarity.ms&MXFR=2FFE98EF7CF2668414138C2678F268A7
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C70F11A8232F4964A8A5F5E9B4BBAAB5&MUID=11E0350DBCE8625336D921C4BDEF6381

42 B
442 B

68ms
67ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C70F11A8232F4964A8A5F5E9B4BBAAB5&MUID=11E0350DBCE8625336D921C4BDEF6381
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:37 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 158CC521A956420B9F888F1FDD985734 Ref B: EWR311000107031 Ref C: 2024-07-27T13:18:37Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C70F11A8232F4964A8A5F5E9B4BBAAB5&MUID=11E0350DBCE8625336D921C4BDEF6381
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 p Show response
i.simpli.fi/ 798 B
762 B 50ms
14ms Script
application/javascript 34.86.70.109
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=479758&cb=sifi_att_42656._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/238dd35a-7f23-4c26-ba6b-c81e327c485b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 109.70.86.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 733a5c20246fb1d777a6ac5c480c1be40b41a0ab49334b488011e75008892640

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:37 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2607:f8b0:4004:c0b::8a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=208121685&t=timing&_s=3&dl=https%3A%2F%2Fwww.everdrytoledo.com%2F&ul=en-us&de=UTF-8&dt=Basement%20Waterproofing%20in%20Toledo%2C%20OH%20%7C%20EverDry%20Toledo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2179&pdt=3&dns=0&rrt=263&srt=76&tcp=212&dit=1233&clt=1233&_gst=834&_gbt=1040&_u=aHBAAEABAAAAACAAI~&jid=&gjid=&cid=1335708255.1722086316&tid=UA-763471-7&_gid=1772630722.1722086316&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F5fbp3hx5jj%2F7p6ty7%2F1umiwm2&z=1826372004

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 05:59:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26347
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon.ico
www.everdrytoledo.com/ 1 KB
975 B 70ms
70ms Other
image/x-icon 173.201.177.229
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everdrytoledo.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.201.177.229 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-177-229.ip.secureserver.net
Software: Apache /
Resource Hash: 05c69509df5562f1bac41e393d629766f2644ac0a6618a090048fc1f8ab8ecfe

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:37 GMT
content-encoding: br
last-modified: Mon, 08 Jun 2015 16:24:36 GMT
server: Apache
etag: "3c114b-47e-5180413e0f900-br"
vary: Accept-Encoding
content-type: image/x-icon
accept-ranges: bytes
content-length: 862

GET
H3 200 widget-settings Show response
va.tawk.to/v1/ 2 KB
2 KB 23ms
22ms Fetch
application/json 2606:4700:3035::ac43:821e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5dfa8e2643be710e1d22b534&widgetId=default&sv=null

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:821e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

804a254a1d296cf86fd853c2f50aef788e216a55ee9907cde0f766e3c76f57f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 149
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-ddhc
server: cloudflare
etag: W/"2-75-0"
access-control-max-age: 3600
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nnoMf9uFqRl5qoaC2tCcr4OD3z0Ok4panQ%2BpUCFntNe1mVTpiVB3nFbiIomGI3YVd8ksATLHd96ZG2TyFS0i%2B9UfdcBo8y4S%2Fz%2FIiQyLDfiasnhkBZMAZYa%2FRehRo5u1oKvrwK66JzjR"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=7200, s-maxage=1800
vary: Accept-Encoding
cf-ray: 8a9cea9a2e8e42e3-EWR
access-control-allow-headers: content-type,x-tawk-token

GET

cs
cs.lkqd.net/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=4DA6B378AE7541599C0B6AF93984D621
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=b10611e1e2&gdpr=0&gdpr_consent=

0
0

GET
H2

204

4DA6B378AE7541599C0B6AF93984D621
sync.1rx.io/usersync/simplifi/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/4DA6B378AE7541599C0B6AF93984D621

0
99 B

45ms
14ms

Image
text/plain

69.194.240.13
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/simplifi/4DA6B378AE7541599C0B6AF93984D621
Protocol: H2
Server: 69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:40 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

Redirect headers

date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.1rx.io/usersync/simplifi/4DA6B378AE7541599C0B6AF93984D621
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 26 Jul 2024 13:18:37 GMT

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=4DA6B378AE7541599C0B6AF93984D621&dongle=yf3
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=4DA6B378AE7541599C0B6AF93984D621&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=

37 B
474 B

22ms
21ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=4DA6B378AE7541599C0B6AF93984D621&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 27 Jul 2024 13:18:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7969&xuid=4DA6B378AE7541599C0B6AF93984D621&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
date: Sat, 27 Jul 2024 13:18:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=4DA6B378AE7541599C0B6AF93984D621

43 B
175 B

126ms
14ms

Image
image/gif

2600:1f18:612b:4232:5012:c2ca:70d1:c09
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=4DA6B378AE7541599C0B6AF93984D621
Protocol: H2
Server: 2600:1f18:612b:4232:5012:c2ca:70d1:c09 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 27 Jul 2024 13:18:37 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=4DA6B378AE7541599C0B6AF93984D621
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 26 Jul 2024 13:18:37 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=4DA6B378AE7541599C0B6AF93984D621
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4DA6B378AE7541599C0B6AF93984D621

95 B
428 B

30ms
29ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4DA6B378AE7541599C0B6AF93984D621

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=4DA6B378AE7541599C0B6AF93984D621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=4DA6B378AE7541599C0B6AF93984D621
https://d.agkn.com/pixel/10751/?che=1722086317393&ip=5.181.234.133&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214630604956010918676
https://um.simpli.fi/aa_px?sk=214630604956010918676
https://um.simpli.fi/empty.gif

43 B
361 B

14ms
14ms

Image
image/gif

35.194.66.159
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

159.66.194.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4DA6B378AE7541599C0B6AF93984D621
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4DA6B378AE7541599C0B6AF93984D621&ckls=true&ci=lAjLbORNKP&nc=false&trid=-2098114165

43 B
1 KB

27ms
26ms

Image
image/gif

2600:9000:2073:c800:1b:6b7d:2300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4DA6B378AE7541599C0B6AF93984D621&ckls=true&ci=lAjLbORNKP&nc=false&trid=-2098114165
Protocol: H2
Server: 2600:9000:2073:c800:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:37 GMT
via: 1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD50-C2
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: S-z2mLwJhmxivn_C4V7gALix87ve8UrDTO4-PK2eacU5yN5SbVihOg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:37 GMT
via: 1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD50-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=4DA6B378AE7541599C0B6AF93984D621&ckls=true&ci=lAjLbORNKP&nc=false&trid=-2098114165
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: PrtQj4hljdmoUOIENYF_HhvaFI3365JQOSfQ7NfXc1SESLzBbTe1Vg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://um.simpli.fi/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4DA6B378AE7541599C0B6AF93984D621

42 B
551 B

31ms
10ms

Image
image/gif

207.65.37.184
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4DA6B378AE7541599C0B6AF93984D621
Protocol: H2
Server: 207.65.37.184 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 27 Jul 2024 13:18:37 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4DA6B378AE7541599C0B6AF93984D621
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 26 Jul 2024 13:18:37 GMT

GET
H/1.1

200

user-registering
ads.stickyadstv.com/
Redirect Chain

https://um.simpli.fi/freewheel
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=4DA6B378AE7541599C0B6AF93984D621

43 B
655 B

679ms
137ms

Image
image/gif

63.251.28.210
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=4DA6B378AE7541599C0B6AF93984D621
Protocol: HTTP/1.1
Server: 63.251.28.210 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Jul 2024 13:18:37 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1722086317914047-1213

Redirect headers

date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=4DA6B378AE7541599C0B6AF93984D621
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 26 Jul 2024 13:18:37 GMT

GET
H3

200

400646.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=4DA6B378AE7541599C0B6AF93984D621;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=4DA6B378AE7541599C0B6AF93984D621;mimetype=img;sr
https://idsync.rlcdn.com/400646.gif?partner_uid=7388430164897712683

42 B
60 B

37ms
37ms

Image
image/gif

35.244.154.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400646.gif?partner_uid=7388430164897712683
Protocol: H3
Server: 35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:37 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:36 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp3.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://idsync.rlcdn.com/400646.gif?partner_uid=7388430164897712683
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=4DA6B378AE7541599C0B6AF93984D621&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=4DA6B378AE7541599C0B6AF93984D621&j=0&xl8blockcheck=1

0
771 B

17ms
17ms

Image
text/plain

50.16.197.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=4DA6B378AE7541599C0B6AF93984D621&j=0&xl8blockcheck=1
Protocol: H2
Server: 50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-197-56.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:37 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sat, 27 Jul 2024 13:18:37 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=4DA6B378AE7541599C0B6AF93984D621&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain

https://um.simpli.fi/yahoo
https://ups.analytics.yahoo.com/ups/55964/sync?uid=4DA6B378AE7541599C0B6AF93984D621
https://ups.analytics.yahoo.com/ups/55964/sync?uid=4DA6B378AE7541599C0B6AF93984D621&verify=true

0
121 B

17ms
17ms

Image
text/plain

3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55964/sync?uid=4DA6B378AE7541599C0B6AF93984D621&verify=true

Protocol

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.121 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.121
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55964/sync?uid=4DA6B378AE7541599C0B6AF93984D621&verify=true
date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.121
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=4DA6B378AE7541599C0B6AF93984D621

0
421 B

105ms
13ms

Image
text/plain

52.55.138.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=4DA6B378AE7541599C0B6AF93984D621
Protocol: HTTP/1.1
Server: 52.55.138.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-138-184.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Date: Sat, 27 Jul 2024 13:18:36 GMT

Redirect headers

date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=4DA6B378AE7541599C0B6AF93984D621
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 26 Jul 2024 13:18:37 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=4DA6B378AE7541599C0B6AF93984D621

62 B
480 B

137ms
80ms

Image
image/gif

23.219.8.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=4DA6B378AE7541599C0B6AF93984D621
Protocol: H2
Server: 23.219.8.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-219-8-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 27 Jul 2024 13:18:37 GMT
content-length: 62
x-request-id: e8df6a262a85c217a46956d4115c15f6
content-type: image/gif

Redirect headers

date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=4DA6B378AE7541599C0B6AF93984D621
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 26 Jul 2024 13:18:37 GMT

GET
H2

200

tpid=4DA6B378AE7541599C0B6AF93984D621
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=4DA6B378AE7541599C0B6AF93984D621
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=4DA6B378AE7541599C0B6AF93984D621

49 B
546 B

39ms
38ms

Image
image/gif

107.23.203.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=4DA6B378AE7541599C0B6AF93984D621
Protocol: H2
Server: 107.23.203.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-203-136.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:37 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.10.149
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:37 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=4DA6B378AE7541599C0B6AF93984D621
cache-control: no-cache
x-server: 10.40.11.143
content-length: 0
expires: 0

GET
H2

200

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=4DA6B378AE7541599C0B6AF93984D621
https://ce.lijit.com/merge?pid=2&3pid=4DA6B378AE7541599C0B6AF93984D621&dnr=1

43 B
511 B

17ms
16ms

Image
image/gif

34.234.72.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=4DA6B378AE7541599C0B6AF93984D621&dnr=1
Protocol: H2
Server: 34.234.72.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-72-128.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:37 GMT
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length: 43
expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:37 GMT
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://ce.lijit.com/merge?pid=2&3pid=4DA6B378AE7541599C0B6AF93984D621&dnr=1
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=4DA6B378AE7541599C0B6AF93984D621
https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogNERBNkIzNzhBRTc1NDE1OTlDMEI2QUY5Mzk4NEQ2MjEQABoNCK3nk7UGEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=6cc037c41481ddebfd5f3381c5dd6da549228ca0d98076e100f9fc3b94622d7e791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6cc037c41481ddebfd5f3381c5dd6da549228ca0d98076e100f9fc3b94622d7e791426b5417dce21&rand=04491342
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6cc037c41481ddebfd5f3381c5dd6da549228ca0d98076e100f9fc3b94622d7e791426b5417dce21&rand=04491342&expected_cookie=6912b3cb-71a8-4561-9816-8fb3529cdb46

0
143 B

117ms
116ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6cc037c41481ddebfd5f3381c5dd6da549228ca0d98076e100f9fc3b94622d7e791426b5417dce21&rand=04491342&expected_cookie=6912b3cb-71a8-4561-9816-8fb3529cdb46
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:37 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 51E259ACBA4E4049BB80D17C73DD20A9 Ref B: EWR311000101053 Ref C: 2024-07-27T13:18:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYeOnc9NXzxtsdWRdDIVg==

Redirect headers

date: Sat, 27 Jul 2024 13:18:37 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 41015E08584B43E496DA11EFD0E59437 Ref B: EWR311000101053 Ref C: 2024-07-27T13:18:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: /db_sync?pid=10339&puuid=6cc037c41481ddebfd5f3381c5dd6da549228ca0d98076e100f9fc3b94622d7e791426b5417dce21&rand=04491342&expected_cookie=6912b3cb-71a8-4561-9816-8fb3529cdb46
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYeOnc7V15ZNjM0ygpL6Q==

GET
H3

200

/
www.google.com/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1722086317027&cv=7&fst=1722086317027&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=520334362&cv=7&fst=1722086317027&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHB...
https://www.google.com/pagead/1p-conversion/1026675585/?random=520334362&cv=7&fst=1722086317027&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscr...

42 B
64 B

31ms
30ms

Image
image/gif

2607:f8b0:4004:c08::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/1026675585/?random=520334362&cv=7&fst=1722086317027&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIt5bcuafHhwMVZFJHAR1HcjhYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL3d3dy5ldmVyZHJ5dG9sZWRvLmNvbS8&is_vtc=1&cid=CAQSKQDaQooLV_fDDIrM2rjtnQsS03XPCik90nurqeAypRd9VerjCgyEVEZp&random=2840033565

Protocol

Server

2607:f8b0:4004:c08::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/1026675585/?random=520334362&cv=7&fst=1722086317027&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIt5bcuafHhwMVZFJHAR1HcjhYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL3d3dy5ldmVyZHJ5dG9sZWRvLmNvbS8&is_vtc=1&cid=CAQSKQDaQooLV_fDDIrM2rjtnQsS03XPCik90nurqeAypRd9VerjCgyEVEZp&random=2840033565
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 24ms
21ms Image
text/plain 35.194.66.159
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

159.66.194.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=4DA6B378AE7541599C0B6AF93984D621
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4DA6B378AE7541599C0B6AF93984D621

43 B
1 KB

10ms
9ms

Image
image/gif

68.67.161.182
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4DA6B378AE7541599C0B6AF93984D621

Protocol

Server

68.67.161.182 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:37 GMT
an-x-request-uuid: 9c372c42-2337-405a-ac02-906d4bbf6781
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:37 GMT
an-x-request-uuid: 005f0d60-8b3d-4cd4-931a-a373d3f9c8dd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D4DA6B378AE7541599C0B6AF93984D621
cache-control: no-store, no-cache, private
x-proxy-origin: 5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4DA6B378AE7541599C0B6AF93984D621&expires=365

42 B
1 KB

572ms
138ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4DA6B378AE7541599C0B6AF93984D621&expires=365
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c1df09169f58a071f2a391dff1b3307b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4DA6B378AE7541599C0B6AF93984D621&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 26 Jul 2024 13:18:37 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=4DA6B378AE7541599C0B6AF93984D621
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=4DA6B378AE7541599C0B6AF93984D621

43 B
171 B

22ms
22ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=4DA6B378AE7541599C0B6AF93984D621
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:37 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=4DA6B378AE7541599C0B6AF93984D621
date: Sat, 27 Jul 2024 13:18:37 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESELDoE8_jsA3xFov3aGeCAvo&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4DA6B378AE7541599C0B6AF93984D621
https://um.simpli.fi/g_match?id=

0
320 B

15ms
14ms

Image
text/plain

35.194.66.159
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

159.66.194.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 26 Jul 2024 13:18:37 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Jul 2024 13:18:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/66909c6d5c9/languages/ 17 KB
5 KB 38ms
27ms Script
application/javascript 2606:4700:3035::ac43:821e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66909c6d5c9/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:821e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c4b7ebd4b5943f84bef9cd446cd335823fdada228059aca3daf74bf5d1b94a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 13:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 1329598
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jul 2024 03:01:26 GMT
server: cloudflare
etag: W/"2fea0481da1baa4eac07e95e0f9af8a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PG63sr4LkdoeDzN0xmnmnbs3%2Fu2wk44WZeZpMBMwGG5tmxxQgzvH%2Bau8OljHfn2deZKBDiDVZ79rwrp%2FOPqURGUcWQT6DTPIO1PWgoI2Mbow6RJxUFwq4x%2Fgaaov5b883uXuFt6r4TbEk4wA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8a9cea9afe2c425b-EWR

POST
H3 400 start Show response
va.tawk.to/v1/session/ 64 B
630 B 61ms
58ms Fetch
application/json 2606:4700:3035::ac43:821e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:821e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe384d6150fae0d1a52854c9a928969917ca8f715d6eb6045506292d0d017b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 27 Jul 2024 13:18:37 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 64
x-served-by: visitor-application-preemptive-6hd7
server: cloudflare
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.everdrytoledo.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ggmpmVRvwEKys0%2BkUUu7THDKNJYHHIcs8e5miSSBxQk%2FPbog06TBgzbcJEYnw5yMmkXq%2FCj2qPaHgsfhe1QBAG0ZpQZmhHP94xua9%2FgJVgpPgWJRU8%2By4o96%2BFvF%2Fbnxyxpel%2FlC4sRF"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 8a9cea9b6e97425b-EWR
access-control-allow-headers: content-type,x-tawk-token

OPTIONS
H3 200 start
va.tawk.to/v1/session/ 0
0 53ms
52ms Preflight
text/html 2606:4700:3035::ac43:821e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:821e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.everdrytoledo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.everdrytoledo.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=600, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8a9cea9b1f8642e3-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 27 Jul 2024 13:18:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KZhWiKvwb9W2%2B9IWb0pX6%2BDEx1%2FgWRcJj7NPmhLkcv7zV%2BEY%2B87MuiWFMvhaxl8VhZjvuCvViPeWZr3AhtF%2BzQSHk8%2BLLYNe6qKqmeyWKo2uUUoTRb6lJms7j4Dk0j4rDgMG%2BzYjRdY0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-p7d8

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
285 B 24ms
23ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.everdrytoledo.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.everdrytoledo.com
Date: Sat, 27 Jul 2024 13:18:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=b10611e1e2&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

83 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.everdrytoledo.com/	1970-01-20 22:22:52	Name: _gid Value: GA1.2.1772630722.1722086316
.everdrytoledo.com/	1970-01-20 22:21:26	Name: _gat Value: 1
www.clarity.ms/	1970-01-21 07:07:02	Name: CLID Value: d9dce91a391243eeb8f728ccd10ee55f.20240727.20250727
.everdrytoledo.com/	1970-01-21 00:31:02	Name: _gcl_au Value: 1.1.70772013.1722086316
www.everdrytoledo.com/	1970-01-21 07:57:26	Name: _tq_id.TV-8181366318-1.9a9f Value: 2b3c15ef1a1df3e7.1722086316.0.1722086316..
.everdrytoledo.com/	1970-01-21 07:07:02	Name: calltrk_referrer Value: direct
.everdrytoledo.com/	1970-01-21 07:07:02	Name: calltrk_landing Value: https%3A//www.everdrytoledo.com/
.everdrytoledo.com/	1970-01-21 07:07:02	Name: _clck Value: 7p6ty7%7C2%7Cfnt%7C0%7C1669
.doubleclick.net/	1970-01-21 07:57:26	Name: IDE Value: AHWqTUnkLVuNPOb3CsrIKgd8ZZpoBiu8C2OG4_WsOX1RdMyMGkKYGQW-GTzQGiHk
.everdrytoledo.com/	1970-01-21 00:31:02	Name: _fbp Value: fb.1.1722086316240.699506141751239181
.simpli.fi/	1970-01-21 07:08:28	Name: suid Value: 4DA6B378AE7541599C0B6AF93984D621
.everdrytoledo.com/	1970-01-21 07:07:02	Name: _hjSessionUser_277084 Value: eyJpZCI6ImMxMGE5OTM2LTVmZjctNWIwYy04YzExLWQ4ZWU5ZWE1NTczZiIsImNyZWF0ZWQiOjE3MjIwODYzMTYzMTQsImV4aXN0aW5nIjpmYWxzZX0=
.everdrytoledo.com/	1970-01-20 22:21:28	Name: _hjSession_277084 Value: eyJpZCI6IjcyYjA1NDAxLTJkY2YtNDEyZS04MmVjLTk4YmNkMzQ0ZWRjZSIsImMiOjE3MjIwODYzMTYzMTUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
build.1pdata.app/	1970-01-21 07:57:26	Name: t Value: 3080767469
.everdrytoledo.com/	1970-01-21 07:57:26	Name: _ga_N20EEN9PR4 Value: GS1.1.1722086316.1.0.1722086316.60.0.0
.everdrytoledo.com/	1970-01-21 07:57:26	Name: _ga Value: GA1.1.1335708255.1722086316
www.everdrytoledo.com/	1970-01-21 07:57:26	Name: fullthrottlelims_t2 Value: 3080767469
www.everdrytoledo.com/	1970-01-20 22:21:33	Name: r Value: 1
.everdrytoledo.com/	1970-01-21 07:57:26	Name: _ga_W4Q2VSYWXC Value: GS1.1.1722086316.1.0.1722086316.0.0.0
.everdrytoledo.com/	1970-01-20 22:22:52	Name: _clsk Value: 1umiwm2%7C1722086316556%7C1%7C1%7Cz.clarity.ms%2Fcollect
.simpli.fi/	1970-01-20 22:31:31	Name: uid_syncd_secure Value: true
www.everdrytoledo.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: rHHYyzZ5PqLUk8AfDyJCQ
.pubmatic.com/	1970-01-20 23:04:38	Name: KRTBCOOKIE_148 Value: 19421-uid:4DA6B378AE7541599C0B6AF93984D621&KRTB&23486-uid:4DA6B378AE7541599C0B6AF93984D621&KRTB&23489-uid:4DA6B378AE7541599C0B6AF93984D621&KRTB&23539-uid:4DA6B378AE7541599C0B6AF93984D621
.pubmatic.com/	1970-01-20 23:04:38	Name: PugT Value: 1722086317
.tapad.com/	1970-01-20 23:47:50	Name: TapAd_TS Value: 1722086317345
.tapad.com/	1970-01-20 23:47:50	Name: TapAd_DID Value: 4fba13c8-d0c9-4cde-91a2-e2242a225c83
.3lift.com/	1970-01-21 00:31:02	Name: tluidp Value: 4568366395113813917082
.3lift.com/	1970-01-21 00:31:02	Name: tluid Value: 4568366395113813917082
.smaato.net/	1970-01-20 22:51:40	Name: SCM Value: b10611e1e2
.smaato.net/	1970-01-20 22:51:40	Name: SCMv Value: b10611e1e2
.smaato.net/	1970-01-20 22:51:40	Name: SCM1001136 Value: b10611e1e2
.openx.net/	1970-01-21 07:07:02	Name: i Value: 4e7bab99-725a-4b45-87e1-c0552c7c6ac2\|1722086317
.adnxs.com/	1970-01-21 00:31:02	Name: XANDR_PANID Value: nid1rshCLoOmUUCu-S-qEKuXEVwfKL-ia_R4c0at2Jsc_7b0JXJZYQpsFWLeZoO26tti5EqQuZCjrZIyM8N12Y3pgpUDjwNJJ_osL_XnS7c.
.adnxs.com/	1970-01-21 07:57:26	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:31:02	Name: uuid2 Value: 9168409089796438667
.yahoo.com/	1970-01-21 07:07:23	Name: A3 Value: d=AQABBK3zpGYCECthgkxHEYSVNfUBvitiyTQFEgEBAQFFpmauZtxC0iMA_eMAAA&S=AQAAAjP1OlqAmdjpyZQrNoGtT2Q
.adnxs.com/	1970-01-21 00:31:02	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2E?hm##R2!]tbPl1N!7On*M$=BWUhiIOdglvvMmlxo=mjG+izcwflNh0p:rdWoJ?fEC>6tBy7n/X%W#.wL4W1Qw2(a1tBR
.rlcdn.com/	1970-01-21 07:07:02	Name: rlas3 Value: yVyJeFXk6+dnjXV5B/iNqhq010Jr3GLTlr0x93hnyMk=
.tapad.com/	1970-01-20 23:47:50	Name: TapAd_3WAY_SYNCS Value:
.analytics.yahoo.com/	1970-01-21 07:07:02	Name: IDSYNC Value: 176k~2jsd
www.everdrytoledo.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.lijit.com/	1970-01-21 07:07:02	Name: ljt_reader Value: JD6-AQZHSzM2xudjR_mctxMP
.agkn.com/	1970-01-21 07:07:02	Name: ab Value: 0001%3A2TkxHzA7eEf1FFS0R8W5zNSrFFHB1Keu
.crwdcntrl.net/	1970-01-21 04:50:13	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 04:50:13	Name: _cc_id Value: 1c9e1499106d6d9fb975a646daba39ca
.intentiq.com/	1970-01-21 07:57:26	Name: IQver Value: 1.9
.intentiq.com/	1970-01-21 07:57:26	Name: intentIQ Value: lAjLbORNKP
.bfmio.com/	1970-01-21 07:07:02	Name: __141_cid Value: 4DA6B378AE7541599C0B6AF93984D621
.bfmio.com/	1970-01-21 07:07:02	Name: __io_cid Value: d07653f038d391eb582d3276df8f16edfd6bb241
.exelator.com/	1970-01-21 01:14:14	Name: EE Value: "0a187d46e55c9e9d8819d77e57b0752c"
.lijit.com/	1970-01-21 07:07:02	Name: _ljtrtb_2 Value: 4DA6B378AE7541599C0B6AF93984D621
.bing.com/	1970-01-21 07:43:02	Name: MUID Value: 11E0350DBCE8625336D921C4BDEF6381
.c.bing.com/	1970-01-20 22:31:31	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:43:02	Name: SRM_B Value: 11E0350DBCE8625336D921C4BDEF6381
.pro-market.net/	1970-01-21 02:40:38	Name: anProfile Value: "1k4tfwobabvhn+1+1f=1+1g=1+1j=57:1+rs=s+rt=2A0D560000241500101197A53007EC00+s2=(shaab1)+vm=24-4DA6B378AE7541599C0B6AF93984D621"
.pro-market.net/	1970-01-20 23:04:38	Name: anHistory Value: "1k4tfwobabvhn+2+!#7%/$B#J+t"
.intentiq.com/	1970-01-21 07:57:26	Name: intentIQCDate Value: 1722086317428
.intentiq.com/	1970-01-21 07:57:26	Name: CSDT Value: UEQ6MTAwNDNfMCZVSmpXZ24w
.intentiq.com/	1970-01-21 07:57:26	Name: IQPData Value: 95808132#1722086317426#0#1722086317426
.intentiq.com/	1970-01-21 07:57:26	Name: ASDT Value: 0
.exelator.com/	1970-01-21 01:14:14	Name: ud Value: "eJxrXxzq6XKLQcEg0dDCPMXELNXUNNky1TLFwsLQMsXcPNXUPMnA3NQoeXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIbEl%252BUWb6otDgxUUpaQyLSopPBZ%252Bo0gEAjGIp3w%253D%253D"
.bluekai.com/	1970-01-21 02:46:23	Name: bku Value: blx99vlposR0nnXs
.bluekai.com/	1970-01-21 02:46:23	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEHWxEjY1pzTxDDlBExhBEA8xpOYBAasmE18meHWBM/h9y9o1yrV
.rlcdn.com/	1970-01-20 23:47:50	Name: pxrc Value: CAA=
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:43:02	Name: MUID Value: 11E0350DBCE8625336D921C4BDEF6381
.c.clarity.ms/	1970-01-20 22:31:31	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:21:26	Name: ANONCHK Value: 0
.pippio.com/	1970-01-21 07:07:02	Name: did Value: XG-ynQBXJDIO0sKx
.pippio.com/	1970-01-21 07:07:02	Name: didts Value: 1722086317
.pippio.com/	1970-01-20 23:47:50	Name: nnls Value:
.pippio.com/	1970-01-20 23:47:50	Name: pxrc Value: CK3nk7UGEgYIgr0rEAA=
.agkn.com/	1970-01-21 07:07:02	Name: u Value: C\|0AAAAAAAALjewLQAAAAAA
.linkedin.com/	1970-01-21 00:31:02	Name: li_sugr Value: 6912b3cb-71a8-4561-9816-8fb3529cdb46
.linkedin.com/	1970-01-21 07:07:02	Name: bcookie Value: "v=2&2c7bc1c0-7fd5-4491-8738-6302d60fb252"
.linkedin.com/	1970-01-20 22:22:52	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3307:u=1:x=1:i=1722086317:t=1722172717:v=2:sig=AQHrWoYMNW5X6zGQY-hrsx3A01UUVnbI"
.rubiconproject.com/	1970-01-21 07:07:02	Name: audit_p Value: 1\|B3cGAVULrB3fXiDxzifpOVNhc66UDR8j3ZDPrDH9cdCMaGpsUGBQ3mcsk+Xxh0n8kDvkFokNFROM1KxoLazIt04KBbjzRD/Y5dDZuxGLGk+cXA+XnTL2sahOg7OSSe99KAqXIv7yiN1+7hryEkv0/L1LCTAJxLb6SpxNqhhzGypRm99a3bMoP35/bkYCLFZe
.rubiconproject.com/	1970-01-21 07:07:02	Name: khaos Value: LZ45QAYP-7-G5XG
.rubiconproject.com/	1970-01-21 07:07:02	Name: khaos_p Value: LZ45QAYP-7-G5XG
.rubiconproject.com/	1970-01-21 07:07:02	Name: audit Value: 1\|B3cGAVULrB3fXiDxzifpOVNhc66UDR8j3ZDPrDH9cdCMaGpsUGBQ3mcsk+Xxh0n8kDvkFokNFROM1KxoLazIt04KBbjzRD/Y5dDZuxGLGk+cXA+XnTL2sahOg7OSSe99KAqXIv7yiN1+7hryEkv0/L1LCTAJxLb6SpxNqhhzGypRm99a3bMoP35/bkYCLFZe
.rubiconproject.com/	1970-01-21 00:31:02	Name: receive-cookie-deprecation Value: 1
.ads.stickyadstv.com/	1970-01-20 23:04:38	Name: UID Value: 2a37fe2c6c43f64a25c6018277ef26c
.ads.stickyadstv.com/	1970-01-20 22:22:52	Name: uid-bp-26865 Value: 4DA6B378AE7541599C0B6AF93984D621

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=b10611e1e2&gdpr=0&gdpr_consent= Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://va.tawk.to/v1/session/start Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.stickyadstv.com
ajax.googleapis.com
analytics.google.com
bcp.crwdcntrl.net
build.1pdata.app
c.bing.com
c.clarity.ms
cdn.callrail.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
collector-11638.tvsquared.com
connect.facebook.net
cs.lkqd.net
d.agkn.com
eb2.3lift.com
embed.tawk.to
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
ftlaunchpad.ai
googleads.g.doubleclick.net
hits3.livemarketshoppers.com
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
jelly-v6.mdhv.io
jelly.mdhv.io
loadm.exelator.com
pippio.com
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
script.hotjar.com
simplifi.partners.tremorhub.com
stags.bluekai.com
static.hotjar.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
tag.simpli.fi
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
va.tawk.to
www.clarity.ms
www.everdrytoledo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.ruskind.com
z.clarity.ms
cs.lkqd.net
107.178.254.65
107.23.203.136
13.249.39.110
13.59.134.249
13.59.189.131
13.74.129.1
142.251.16.157
142.251.179.157
15.197.225.128
173.201.177.229
18.160.41.58
20.10.16.51
2001:4860:4802:32::181
2001:4860:4802:38::15
207.65.37.184
216.239.34.21
23.219.8.236
2600:1901:0:8eee::
2600:1f16:f60:9203:8a67:f3da:af74:3d99
2600:1f18:612b:4232:5012:c2ca:70d1:c09
2600:9000:2073:c800:1b:6b7d:2300:93a1
2600:9000:2199:9a00:19:fc2c:a140:93a1
2606:4700:3035::ac43:821e
2606:4700::6811:190e
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c08::68
2607:f8b0:4004:c0b::61
2607:f8b0:4004:c0b::8a
2607:f8b0:4004:c1d::9b
2607:f8b0:4004:c21::5e
2620:1ec:21::14
2620:1ec:bdf::40
2620:1ec:c11::237
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.139.167.176
3.225.218.10
34.111.113.62
34.234.72.128
34.86.70.109
35.194.66.159
35.244.154.8
35.244.159.8
50.16.197.56
52.223.22.214
52.55.138.184
63.251.28.210
68.67.161.182
69.173.151.100
69.194.240.13
99.84.108.3
99.84.191.81
00b1fa738898c3fc032b09b0c575220587b9a47d6688aa1ad2d61253fa474e75
05364312efc41fb8765f2cf33103f91c3a6dafb8040378e66e8924d3c366d07e
05c69509df5562f1bac41e393d629766f2644ac0a6618a090048fc1f8ab8ecfe
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0afd31c93af754b8d62b4b9e7aad94f46ec99ad6743fe779fd5de50ca27240c4
0c1fa1adc68a703a1eba248dea05abdc1df1d1521a18f2649e0b8b6eeab5ed5a
0c4b7ebd4b5943f84bef9cd446cd335823fdada228059aca3daf74bf5d1b94a0
0de84bd0cb55a27c12de38ca6cd303ac37057a67fd8651f1cac34ac8cf14efb4
1188736df9c539e7fc1c316ca49479fc7284573acc3da41c3d88e27b9686d24c
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
1769c5aac95e2de7ff0d4c6fb0663515faa9450da1d54274b51a3133bc6b1103
180e72e074f66f0ededb6b8556ae89d1093d85fcb1d4906349ce18aa491902d1
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d1536ad8a29b769400ca7d4c5b6470f8a847d93c4d9b3818b6d702b4794d043
1fc0e3d55c25cfc14b5086140fc6748d7a37d5c7ec12079ee6150f0373020cf8
228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42
237b4750dad3793da8e8632bb02d1d60ac1651bd0e9aebcebdbf0f9b83dae835
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32ceb0f601efe039eedf4d5e99694f41c6364205100271271a3ded478f70d718
3447ae1ac195cbdf9d7d53dc3cde7d5ae9f776f6708f82345a875ba4c9c7a5d9
368953b4e5e514e98de66323bf0098dbc55850cf9198e9594182767b793a0a5c
388a3edc5a8e432eaa5c7ab9248c0544dfced9a759b3768bd66e3285c61345e0
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d5d3565eaefe455bca4ace3e83c37cda7815373cdac3ba3f45f0680a079ac19
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
478a4b5c7d0bc928843c86eb76e79519f856a6f24a05931f77ed01ff863fc18b
492df85d7a5b00dded1cdb5ad0020140c074a1cad582fbbdfc0b5f6ca958df30
4acefc43abfdd9ab55c63ce101f1a790f6b7480a9816c98533d8e355f6ead2ad
4b33e722d188845590196eac6d9e14391b616930816045e58a535c2bf7ab1c5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53e33f1021bc35fe97e66861c986c6f3c1ef41d1da18d996a0a27ed0d7ea5f7a
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
54e8cd7005293319acb0316ea5986b19128fca3f25b4fc987696ef27358fa509
562fb60b9d94f089e2e35c61b86e4c5c135bb96cb814d5e7b32b60427f10a0f6
5acc0061b8ef5dbe2f82be87638b3ed436e0d8f98dc556911b0af3910cbf7717
5f5290d52117f3ef537ec0fc0382d4ad26bc9d47e5e1bf05b06465c88ac18324
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
65566333567bd9203a3182e218cad94288333dd5586a5b7502dce63d3f585e3e
6ce51f5e671d6354363b4212c78062363d627079e6385bc20b225847c88cb297
6fc4165db7057c337a443a0ed6b40f9b79a65982b1337f4cc2175d82a323f475
701f9292494108faa9009983817e1289dbc2fa2e88d75d24ebc72472f9019619
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
733a5c20246fb1d777a6ac5c480c1be40b41a0ab49334b488011e75008892640
76ae92848b3a4704260b75e6c67ea71cc32b89cf082701a6449d87646805b23f
7e2c6e402c74b434cf8741db6a8dec268180c5647b8c98b48631177d0f6e515b
804a254a1d296cf86fd853c2f50aef788e216a55ee9907cde0f766e3c76f57f3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
872d131778bdf2d36ae3906566cb2fab649363fccd925b4b4363814a56b28a30
99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f13befc2717836461e62408c795c96d0470e56388c2e605013f16d750c1b1e7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2bd541c2fab5608a8ac1a42feee51581f1162d6396bb3197f67be22c051b865
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a99650a40ef77313e862f73528a622a6dd704df298714864af7c543c824b97b7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abec485aba2695c5af0a73e5a8b53d14333f7b5d24aba4ff6218976e14ff3e7b
abf14e7a94b0617ca384ba7d69fef3c22dac494061b8208a6e497f50d60704ee
af2a7683946309077fe69509464fe22a6d17f314bea66b93bec84d8a34440503
afcfee88aa3d7bd1b9f259afb09100b713693b39d20832aa77fd56b67afef22b
b02fd4051347131f272a14acbc590bfff7fe11261c14867eb6e36a6b3fce75b8
b05c9a3ffa71db2b2879876cbf6e85fb24aa74cf64ade09ec8b676f7703850ee
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27e48a468adec154e187e5919bd0deb057a0c7b67c758a1adfbc7b22af4f3b7
b8e9a0ea9f220ce7be4ffb3988d6235d3a594d4cf8a5c1df7e218c9e60db9ffc
b95dcb6aa49605407feeb211c8731eed0ad442f195389b77e085d07c13113846
ba2e4d50628fe9ae84b1c2c842352b9fb0b40fd76a1c0ecb7fc7b591bd51e6a4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbfabb2c7c8ce7cfb04aafddbf78af11fe2dc032f8eb903c196b3e7cf57428e2
bf5a4f90ad9e5bd34a401cf1cd0e9dd8e8592cef06ab83dc2adf88b8f1d7ea04
bf75ecd90a07c15655cccf7e92c43c0b502ce4b6a394d4ee87daed8ac57ffd5b
bf77a0d13bba264d094322e910c1654795260b03d4b6181fe3746f25d010a0a7
c03cab2da8694a8c7c11a655d47ea6af63dc64a0fe5aca8ecd655c93cbf871c1
c64f3ea7d63cfc8c30b4babbcef666b5e71e42930f5c63c13ba7075e9ed84f0f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d818a9252e8915467a618985f34e14ccd939334bc270bf85bbfee2a14f63fb5c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1445ca7317c0b4f669b5d1a12caf5bc7222ac5e2a218fe66dd22a06d0f381e4
e19b83090f20fcd5749a9efc0c1858230ed4b3d20dfca2299cb49d8db79576f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ed9ea4a28021f2f7667682518ed5eac0cf4eaeb788a0c3f66088c808faf4b733
ee2f6805081683155c0503455f4a355cb37ee499fead434db8d8e1187f8a6181
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05a0f5668e613aa998e827c54aad9f1ffb288db4a62ae009ff73c39f9630f9b
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f54f96531b477d526e3f16834d2bdf624f2814310e5af68fd15af62fd3a5807b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
f8229e67137ae552c5cae4924348f4b5cd1c9b67061f1fe5ceac8ed9ccd2d5a5
fa8041d387b4d58cde63480a53ec12bbde608e93d13698f49b3e2adaf994610e
fb68981dc071e1c377d6345b01af883bad6375161a7e1e2853a16f528becf6f9
fd2561151503b0565e82296b096d89fccb328a67197e15e39782f52837547af0
fe384d6150fae0d1a52854c9a928969917ca8f715d6eb6045506292d0d017b39

www.everdrytoledo.com Open in urlscan Pro 173.201.177.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

82 %HTTPS

40 %IPv6

45 Domains

57 Subdomains

45 IPs

2 Countries

1955 kBTransfer

4505 kBSize

83 Cookies

11 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.everdrytoledo.com Open in urlscan Pro
173.201.177.229 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

82 %
HTTPS

40 %
IPv6

45
Domains

57
Subdomains

45
IPs

2
Countries

1955 kB
Transfer

4505 kB
Size

83
Cookies

136 HTTP transactions
0 data transactions