urlscan.io logo urlscan.io
SecurityTrails logo

www.howtogethead.com Open in urlscan Pro
50.28.78.206  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://b1e7do4z8n7gxin828m4oq4q1s.hop.clickbank.net/
Effective URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Submission: On November 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 16 domains to perform 41 HTTP transactions. The main IP is 50.28.78.206, located in United States and belongs to LIQUIDWEB, US. The main domain is www.howtogethead.com.
TLS certificate: Issued by R10 on October 25th 2024. Valid for: 3 months.
This is the only time www.howtogethead.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    35.167.152.209 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-152-209.us-west-2.compute.amazonaws.com
b1e7do4z8n7gxin828m4oq4q1s.hop.clickbank.net
10    50.28.78.206 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.droffr.com
www.howtogethead.com
1    2600:9000:211a:7a00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
1    54.149.76.248 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-76-248.us-west-2.compute.amazonaws.com
cbtb.clickbank.net
1    172.64.151.51 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
forms.aweber.com
4    18.245.86.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-67.fra60.r.cloudfront.net
prod.cbstatic.net
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
3    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2600:9000:223c:ac00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    52.216.77.252 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
oralfixation.s3.amazonaws.com
1    2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    68.70.204.1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
seal-boise.bbb.org
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2600:9000:21f3:8200:1b:6b7c:c940:93a1 (United States)

ASN16509 (AMAZON-02, US)
prd.jwpltx.com
Apex Domain
Subdomains		 Transfer
10 howtogethead.com
www.howtogethead.com
297 KB
4 amazonaws.com
oralfixation.s3.amazonaws.com
957 KB
4 cbstatic.net
prod.cbstatic.net — Cisco Umbrella Rank: 259981
195 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
22 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
3 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2047
118 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1471
pixel.quantserve.com — Cisco Umbrella Rank: 1044
10 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
203 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
74 KB
2 clickbank.net
b1e7do4z8n7gxin828m4oq4q1s.hop.clickbank.net
cbtb.clickbank.net — Cisco Umbrella Rank: 247281
2 KB
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 2190
202 B
1 bbb.org
seal-boise.bbb.org — Cisco Umbrella Rank: 247446
5 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
650 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1501
453 B
1 aweber.com
forms.aweber.com — Cisco Umbrella Rank: 54911
581 B
1 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 5156
53 KB
41 16
Domain Requested by
10 www.howtogethead.com www.howtogethead.com
4 oralfixation.s3.amazonaws.com www.howtogethead.com
4 prod.cbstatic.net cbtb.clickbank.net
prod.cbstatic.net
www.howtogethead.com
3 www.facebook.com www.howtogethead.com
3 ssl.p.jwpcdn.com content.jwplatform.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.howtogethead.com
www.google-analytics.com
2 connect.facebook.net www.howtogethead.com
connect.facebook.net
1 prd.jwpltx.com
1 pixel.quantserve.com www.howtogethead.com
1 region1.google-analytics.com www.googletagmanager.com
1 seal-boise.bbb.org www.howtogethead.com
1 stats.g.doubleclick.net www.google-analytics.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com www.howtogethead.com
1 forms.aweber.com www.howtogethead.com
1 cbtb.clickbank.net www.howtogethead.com
1 content.jwplatform.com www.howtogethead.com
1 b1e7do4z8n7gxin828m4oq4q1s.hop.clickbank.net 1 redirects
41 19

This site contains links to these domains. Also see Links.

Domain
www.bbb.org
get.adobe.com
digitalromanceinc.com
Subject Issuer Validity Valid
www.howtogethead.com
R10		 2024-10-25 -
2025-01-23		 3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2024-09-25 -
2025-10-23		 a year crt.sh
*.clickbank.net
Amazon RSA 2048 M03		 2024-01-09 -
2025-02-07		 a year crt.sh
*.aweber.com
RapidSSL TLS RSA CA G1		 2024-01-12 -
2025-01-23		 a year crt.sh
*.cbstatic.net
Amazon RSA 2048 M03		 2024-06-18 -
2025-07-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-12 -
2024-11-10		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2024 Q2		 2024-07-02 -
2025-08-03		 a year crt.sh
quantserve.com
R11		 2024-10-22 -
2025-01-20		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2024-04-22 -
2025-04-07		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.bbb.org
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-04 -
2025-04-25		 a year crt.sh
jwpltx.com
Amazon RSA 2048 M03		 2024-09-11 -
2025-10-10		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Frame ID: 7BE124C9EF0B10D9D5A938AFEF9FE8C7
Requests: 40 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.howtogethead.com&layout=standard&show_faces=false&width=450&action=like&colorscheme=light&height=35
Frame ID: CDC850737B6BDE6E2D093D6CF35EA6D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HowToGetHead.com | Discover The One Simple Trick That Makes Giving You A Blow Job Into Her New Favorite Hobby

Page URL History Show full URLs

  1. http://b1e7do4z8n7gxin828m4oq4q1s.hop.clickbank.net/ HTTP 307
    https://b1e7do4z8n7gxin828m4oq4q1s.hop.clickbank.net/ HTTP 307
    http://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc HTTP 307
    https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aweber\.com/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

41
Requests

98 %
HTTPS

56 %
IPv6

16
Domains

19
Subdomains

18
IPs

4
Countries

1939 kB
Transfer

6667 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://b1e7do4z8n7gxin828m4oq4q1s.hop.clickbank.net/ HTTP 307
    https://b1e7do4z8n7gxin828m4oq4q1s.hop.clickbank.net/ HTTP 307
    http://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc HTTP 307
    https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.howtogethead.com/
Redirect Chain
  • http://b1e7do4z8n7gxin828m4oq4q1s.hop.clickbank.net/
  • https://b1e7do4z8n7gxin828m4oq4q1s.hop.clickbank.net/
  • http://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
  • https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
28 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.28.78.206 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.droffr.com
Software
Apache /
Resource Hash
91261019c730a7939dcdb6208cfb6625b91fdd83b7c502cce32a75eac69e1aae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
max-age=3600
content-encoding
gzip
content-length
11650
content-type
text/html; charset=UTF-8
date
Sun, 03 Nov 2024 01:19:45 GMT
expires
Sun, 03 Nov 2024 02:19:45 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Non-Authoritative-Reason
HttpsUpgrades
djstyle.css
www.howtogethead.com/css/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.howtogethead.com/css/djstyle.css
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.28.78.206 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.droffr.com
Software
Apache /
Resource Hash
5513b606b6f9de200d9b0eebf21b8d8c8c5d1bfb5071ecbb56a47c1cef3b1fcc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc

Response headers

cache-control
public, must-revalidate, proxy-revalidate
content-encoding
gzip
expires
Tue, 03 Dec 2024 01:19:46 GMT
accept-ranges
bytes
content-length
6168
date
Sun, 03 Nov 2024 01:19:46 GMT
last-modified
Wed, 19 Apr 2017 19:06:00 GMT
vary
Accept-Encoding,User-Agent
server
Apache
content-type
text/css
gGHUIGsg.js
content.jwplatform.com/libraries/ 		145 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/libraries/gGHUIGsg.js
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:7a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
04b720ff5d0fda3a91733a7caa7c8c974528bbeb828be4ae3a8ec1410fa04440

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

x-robots-tag
noindex, indexifembedded
cache-control
max-age=180
content-encoding
gzip
via
1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
53520
x-amz-cf-id
dN3WQ2yGun6T8vBwlVWxYdpF9KAZH59u4j4W7jnaXhtCcefVHUwzDQ==
date
Sun, 03 Nov 2024 01:19:46 GMT
content-type
text/javascript; charset=utf-8
x-amz-cf-pop
VIE50-C2
server
openresty
/
cbtb.clickbank.net/ 		939 B
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cbtb.clickbank.net/?vendor=oralfix&position=bottom_left&theme=black
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.76.248 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-76-248.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
3088f0f23c03529cb96fb2d19ff1bfea19708bbbdfa3440775a6a3936a61871b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=900
content-encoding
gzip
date
Sun, 03 Nov 2024 01:19:46 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
server
Apache
speaker.gif
www.howtogethead.com/css/images/ 		981 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.howtogethead.com/css/images/speaker.gif
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.28.78.206 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.droffr.com
Software
Apache /
Resource Hash
fe772d812f24d534422b917d90a038244614a6ed47db21bd79a5643ebe869087

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc

Response headers

cache-control
public, must-revalidate, proxy-revalidate
expires
Tue, 03 Dec 2024 01:19:46 GMT
accept-ranges
bytes
content-length
981
date
Sun, 03 Nov 2024 01:19:46 GMT
last-modified
Wed, 19 Apr 2017 19:06:00 GMT
vary
User-Agent
server
Apache
content-type
image/gif
checkoutbutton-2.png
www.howtogethead.com/css/images/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.howtogethead.com/css/images/checkoutbutton-2.png
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.28.78.206 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.droffr.com
Software
Apache /
Resource Hash
2aada4c8754f77edeb5dcac88d5a9b58a0ff3c9ca14531b93e74f4a3acfa326a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc

Response headers

cache-control
public, must-revalidate, proxy-revalidate
expires
Tue, 03 Dec 2024 01:19:46 GMT
accept-ranges
bytes
content-length
32231
date
Sun, 03 Nov 2024 01:19:46 GMT
last-modified
Wed, 19 Apr 2017 19:06:00 GMT
vary
User-Agent
server
Apache
content-type
image/png
displays.htm
forms.aweber.com/form/ 		43 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.aweber.com/form/displays.htm?id=TGyMrIysDMxM
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.51 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
etag
"b80b11203d97fe01c5597ca3be70406ea48f5709"
cf-ray
8dc889ba3ef5e52a-TXL
correlation-id
086816a6-010a-4af6-9c9b-3e512d84aa5a
expires
Sun, 03 Nov 2024 01:19:46 -0000
alt-svc
h3=":443"; ma=86400
content-length
43
date
Sun, 03 Nov 2024 01:19:46 GMT
content-type
image/gif
server
cloudflare
exitsplash.php
www.howtogethead.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.howtogethead.com/exitsplash.php?tc=3399cc&uh=none&ad=custom&sh=no&bh=22&fs=12&lf=Arial&at=Powered%20by%20ExitSplash
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.28.78.206 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.droffr.com
Software
Apache /
Resource Hash
2c47f6f8af2093c5dfde81d1cc46e4db4d7ae8579bdb8994ac240a04d1d311ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc

Response headers

cache-control
max-age=3600
content-encoding
gzip
expires
Sun, 03 Nov 2024 02:19:46 GMT
content-length
1071
date
Sun, 03 Nov 2024 01:19:46 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Apache
injectable.js
prod.cbstatic.net/dist/ 		187 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.cbstatic.net/dist/injectable.js
Requested by
Host: cbtb.clickbank.net
URL: https://cbtb.clickbank.net/?vendor=oralfix&position=bottom_left&theme=black
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-67.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

x-amz-version-id
RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
etag
"af651c30e1a69f6f2124e9c1d094a300"
age
271
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
HR2JGdWy3EPwCL1XapemPt9V_QHNxToDZm9RPFvyly92VhG7Qk7CUw==
date
Sun, 03 Nov 2024 01:15:26 GMT
content-type
application/javascript
last-modified
Mon, 21 Dec 2020 21:57:37 GMT
vary
Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
191051
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P6
server
AmazonS3
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ORnzPgEq' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 03 Nov 2024 01:19:46 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ORnzPgEq' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4412, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
gFtIM0gWJrOq/ZmnwnPLXdcmTiiMlfQQJhvX4kHYK1UwopW/zG15lIRe7gWH4wH9vM5wuCoNP/mmbYxTE8CvDw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
gtm.js
www.googletagmanager.com/ 		220 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQG374
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d5af929cda8707f78f37aadea4a8c8e9963fb89142e002325b47b9055bc2e004
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 03 Nov 2024 01:19:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 01:19:46 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 03 Nov 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80322
x-xss-protection
0
server
Google Tag Manager
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.36.2/ 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.36.2/jwpsrv.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/gGHUIGsg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
780218bda13c8a2362d45ebec297989e456e2511e83aa574c1deeee9df6127fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

content-encoding
gzip
etag
"1ce002c93317733cda35dcef121db9b4"
age
772
x-cache
HIT
date
Sun, 03 Nov 2024 01:19:46 GMT
last-modified
Mon, 16 Sep 2024 18:29:50 GMT
vary
Accept-Encoding
x-cache-hits
91
content-type
application/javascript
x-served-by
cache-mxp6920-MXP
cache-control
max-age=900, immutable
x-timer
S1730596787.876385,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
19880
server
AmazonS3
jwplayer.core.controls.html5.js
ssl.p.jwpcdn.com/player/v/8.36.2/ 		358 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.36.2/jwplayer.core.controls.html5.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/gGHUIGsg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7613ca478f6014e3cd321dfc7933d77360d7a35b44ee2535da812447b7590f15

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

content-encoding
gzip
etag
"76848461609f62db1fafb3f828dbccf1"
age
948371
x-cache
HIT
date
Sun, 03 Nov 2024 01:19:46 GMT
last-modified
Thu, 12 Sep 2024 17:51:58 GMT
vary
Accept-Encoding
x-cache-hits
47366
content-type
application/javascript
x-served-by
cache-mxp6920-MXP
cache-control
max-age=31536000, immutable
x-timer
S1730596787.876407,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98900
server
AmazonS3
de.json
ssl.p.jwpcdn.com/player/v/8.36.2/translations/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.36.2/translations/de.json
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/gGHUIGsg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
144b9148ceae6c36c88496e592e6a7a3fd39157c9e638155eb7acdf146a257eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

content-encoding
gzip
etag
"beb33205fe4484824eb60ba6717a3f69"
age
754620
x-cache
HIT
date
Sun, 03 Nov 2024 01:19:46 GMT
last-modified
Thu, 12 Sep 2024 17:52:06 GMT
vary
Accept-Encoding
x-cache-hits
972
content-type
application/json
x-served-by
cache-mxp6971-MXP
cache-control
max-age=31536000, immutable
x-timer
S1730596787.876436,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
1452
server
AmazonS3
like.php
www.facebook.com/plugins/ Frame CDC8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.howtogethead.com&layout=standard&show_faces=false&width=450&action=like&colorscheme=light&height=35
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.howtogethead.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 03 Nov 2024 01:19:46 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432856599706196832"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432856599706196832"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=10, mss=1297, tbw=2889, tp=-1, tpl=-1, uplat=30, ullat=0
x-fb-debug
fsINQ4KZ4hQ62VqFbvEShcPciZtYZrEhLhdGSJlKw9WF3sd+BwsfMouGdvsm3325LKfy9cYKD2SninXfJsL4zg==
x-xss-protection
0
bg-2.jpg
www.howtogethead.com/css/images/ 		460 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.howtogethead.com/css/images/bg-2.jpg
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/css/djstyle.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.28.78.206 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.droffr.com
Software
Apache /
Resource Hash
f837207ae833b125f8ccf7232825907d47e7761e9489504f55248d39c64e52c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/css/djstyle.css

Response headers

cache-control
public, must-revalidate, proxy-revalidate
expires
Tue, 03 Dec 2024 01:19:46 GMT
accept-ranges
bytes
content-length
460
date
Sun, 03 Nov 2024 01:19:46 GMT
last-modified
Wed, 19 Apr 2017 19:06:00 GMT
vary
User-Agent
server
Apache
content-type
image/jpeg
quant.js
secure.quantserve.com/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
20133cc700841ec85f087ff9834a922b482b9135e98574a9afebade4c754558c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

cache-control
private, max-age=604800
content-encoding
gzip
etag
"HP/dXILNCv8vRT01LqWQOg=="
expires
Sun, 10 Nov 2024 01:19:46 GMT
accept-ranges
bytes
date
Sun, 03 Nov 2024 01:19:46 GMT
content-type
application/javascript
vary
Accept-Encoding
footer.jpg
www.howtogethead.com/css/images/ 		315 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.howtogethead.com/css/images/footer.jpg
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/css/djstyle.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.28.78.206 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.droffr.com
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/css/djstyle.css

Response headers

content-length
315
date
Sun, 03 Nov 2024 01:19:46 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
695700640584249
connect.facebook.net/signals/config/ 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/695700640584249?v=2.9.176&r=stable&domain=www.howtogethead.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
2c3990ca6405924434f4c1f48429715901b1b79ccdfde169ca2fc8b1351d363d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-MbdemCDM' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 03 Nov 2024 01:19:47 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-MbdemCDM' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=77, mss=1232, tbw=70811, tp=67, tpl=0, uplat=85, ullat=0
pragma
public
x-fb-debug
DcHdkkdYE2lXEEJ/Qw6tFS+9KJSwZwguDBHpxRnAPxaTkYYzXFxoRwrJCuv7MGWBukuRtWejpuUERCFHGRvrZg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
rules-p-e0BUjiPrW2H62.js
rules.quantcount.com/ 		3 B
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-e0BUjiPrW2H62.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ac00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
x-cache
RefreshHit from cloudfront
x-amz-cf-id
IJ7J19vFezrrgaQhUUiwTB8yTDp-xHNNrI9l3bhVopjPIg02HTxYdA==
date
Sun, 03 Nov 2024 01:19:48 GMT
content-type
application/javascript
last-modified
Sat, 04 Mar 2017 21:00:43 GMT
vary
Accept-Encoding
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
3
x-amz-cf-pop
FRA56-P2
server
AmazonS3
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQG374
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

content-encoding
gzip
age
6812
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sun, 03 Nov 2024 01:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 23:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
video_card.png
www.howtogethead.com/images/ 		242 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.howtogethead.com/images/video_card.png
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.28.78.206 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.droffr.com
Software
Apache /
Resource Hash
658e5904e9aab0ec52f9eb2fb9a67de9cc3af4ce82c834941a6f206850f01ad2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc

Response headers

cache-control
public, must-revalidate, proxy-revalidate
expires
Tue, 03 Dec 2024 01:19:47 GMT
accept-ranges
bytes
content-length
247995
date
Sun, 03 Nov 2024 01:19:47 GMT
last-modified
Wed, 19 Apr 2017 19:06:00 GMT
vary
User-Agent
server
Apache
content-type
image/png
ccd3f046-3c25-46e0-9b84-4449764422d9
https://www.howtogethead.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.howtogethead.com/ccd3f046-3c25-46e0-9b84-4449764422d9
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

Content-Type
video/mp4
Content-Range
bytes 0-1492/1493
Content-Length
1493
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=695700640584249&ev=PageView&dl=https%3A%2F%2Fwww.howtogethead.com%2F%3FhopId%3D6c3ed027-43fd-4b96-80ba-193084697bdc&rl=&if=false&ts=1730596787065&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730596787063.446415987974152733&ler=empty&cdl=API_unavailable&it=1730596786891&coo=false&rqm=GET
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1297, tbw=2902, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 03 Nov 2024 01:19:47 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=695700640584249&ev=PageView&dl=https%3A%2F%2Fwww.howtogethead.com%2F%3FhopId%3D6c3ed027-43fd-4b96-80ba-193084697bdc&rl=&if=false&ts=1730596787065&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730596787063.446415987974152733&ler=empty&cdl=API_unavailable&it=1730596786891&coo=false&rqm=FGET
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432856603961710525"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 03 Nov 2024 01:19:47 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432856603961710525", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
LeDcpBqv4vKD2zCUo3hpEu4o2mRWMqBSPl/HWp+couhpkQei3qrswWos49who5eVnV22/yqGKqgGcczQK9d3Pg==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1297, tbw=3220, tp=-1, tpl=-1, uplat=161, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
of-final-47.mp4
oralfixation.s3.amazonaws.com/ 		36 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://oralfixation.s3.amazonaws.com/of-final-47.mp4
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.77.252 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.howtogethead.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

ETag
"f8fa19d541404d9e936f74561b7b0271"
Content-Range
bytes 0-36991295/36991296
x-amz-request-id
YVFAGMG49VB4J15J
Accept-Ranges
bytes
Content-Length
36991296
Date
Sun, 03 Nov 2024 01:19:48 GMT
Last-Modified
Tue, 27 Jan 2015 23:37:49 GMT
Content-Type
application/octet-stream
Server
AmazonS3
x-amz-id-2
kbXoiH8lGrLHwrboGnCA3XBaL1T4rYjGKb7W97ilxQYkKok2NfQOx1TWPnlcpkppf1K0naBfYr8=
collect
www.google-analytics.com/j/ 		15 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=596120729&t=pageview&_s=1&dl=https%3A%2F%2Fwww.howtogethead.com%2F%3FhopId%3D6c3ed027-43fd-4b96-80ba-193084697bdc&ul=de-de&de=UTF-8&dt=HowToGetHead.com%20%7C%20Discover%20The%20One%20Simple%20Trick%20That%20Makes%20Giving%20You%20A%20Blow%20Job%20Into%20Her%20New%20Favorite%20Hobby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAACAAI~&jid=1864742814&gjid=2087726825&cid=1198354133.1730596787&tid=UA-52387645-1&_gid=675738977.1730596787&_slc=1&gtm=45He4au0n71NQG374za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&npa=1&z=1901109178
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
af2f9abbfa966429908d69a1ef8a0afc6258d4d19db0123d3628d5a10e627230
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.howtogethead.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 01:19:47 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.howtogethead.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-52387645-1&cid=1198354133.1730596787&jid=1864742814&gjid=2087726825&_gid=675738977.1730596787&npa=1&_u=YGBAiEABBAAAAGAAI~&z=1168309933
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.howtogethead.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 01:19:47 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://www.howtogethead.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
app-strings-en.json
prod.cbstatic.net/dist/i18n/ 		9 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.cbstatic.net/dist/i18n/app-strings-en.json
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-67.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Referer
https://www.howtogethead.com/

Response headers

access-control-max-age
3000
x-amz-version-id
ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
etag
"cdfca8b09e61ae7324e48f01984c9b34"
age
79718
access-control-allow-methods
GET
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
j-y2tDJbk5PFpEMx4a4CxPg8DmGuE0O_p1yNyF0pvDzm73EPLNfS6A==
date
Sat, 02 Nov 2024 04:25:35 GMT
content-type
application/json
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
9
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P6
server
AmazonS3
logo-header-white-en.png
prod.cbstatic.net/dist/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod.cbstatic.net/dist/assets/logo-header-white-en.png
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-67.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
463f0ce8002a6099321101b5fba38ffd479e524467f96b1b47bf5f7f3d98be02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

x-amz-version-id
MDOIjhR_M6jNbjX8RkIPq2C7ONOX6nUv
etag
"c5cd3bf3708ca18dc29907bca5361917"
age
84676
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
LufaAMS_RL_XxKbdVefgUARv4gAGFDB1TbcrcvVAqQ-0iezDvteAOg==
date
Sat, 02 Nov 2024 05:28:31 GMT
content-type
image/png
last-modified
Mon, 21 Dec 2020 21:57:35 GMT
vary
Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
3010
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P6
server
AmazonS3
logo-tab-white-en.png
prod.cbstatic.net/dist/assets/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod.cbstatic.net/dist/assets/logo-tab-white-en.png
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-67.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2480b0e815e72badeae95b3ea9bc8f83d9c08391fafbe6b87ea756b7f26448ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

x-amz-version-id
cNeRH7m7.WywkvAuxfTwU5dXD8BBTjq_
etag
"dc81e32fb5cefc7eb584522b0e2b6c2f"
age
81216
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
NoJ36l8KS0q7xpp1mcJTCViwkjTzLuIxuh0iGmXTJK9-WtRRE_Bq9w==
date
Sat, 02 Nov 2024 03:50:37 GMT
content-type
image/png
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
vary
Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
3779
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P6
server
AmazonS3
blue-seal-153-100-clickbank-5004291.png
seal-boise.bbb.org/seals/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.70.204.1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn / ASP.NET
Resource Hash
3c55ca83995486c1ef97ada08273dbb7a913b987ba0c32c30dbb7afe12a10404

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

x-robots-tag
noindex
cache-control
max-age=14400
x-aspnet-version
4.0.30319
x-edge-location
defr
expires
Sun, 03 Nov 2024 05:19:47 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
4394
date
Sun, 03 Nov 2024 01:19:47 GMT
x-shield
active
content-type
image/png
last-modified
Fri, 25 Oct 2024 05:58:17 GMT
server
keycdn
x-powered-by
ASP.NET
js
www.googletagmanager.com/gtag/ 		386 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3VTPR3DZHX&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c542a8f2ec8088d8f1226a01ac49f8d378a4e015d9dcc8b31de8a94464b38f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 03 Nov 2024 01:19:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 01:19:47 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
126368
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3VTPR3DZHX&gtm=45je4au0v9165118521za200&_p=1730596786710&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&ul=de-de&sr=1600x1200&cid=1198354133.1730596787&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.howtogethead.com%2F%3FhopId%3D6c3ed027-43fd-4b96-80ba-193084697bdc&dt=HowToGetHead.com%20%7C%20Discover%20The%20One%20Simple%20Trick%20That%20Makes%20Giving%20You%20A%20Blow%20Job%20Into%20Her%20New%20Favorite%20Hobby&sid=1730596787&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2802
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3VTPR3DZHX&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.howtogethead.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 03 Nov 2024 01:19:47 GMT
content-type
text/plain
server
Golfe2
pixel;r=944983300;rf=0;a=p-e0BUjiPrW2H62;url=https%3A%2F%2Fwww.howtogethead.com%2F%3FhopId%3D6c3ed027-43fd-4b96-80ba-193084697bdc;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=howtogethead.com;...
pixel.quantserve.com/ 		43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=944983300;rf=0;a=p-e0BUjiPrW2H62;url=https%3A%2F%2Fwww.howtogethead.com%2F%3FhopId%3D6c3ed027-43fd-4b96-80ba-193084697bdc;ns=0;ce=1;qjs=1;qv=fd657345-20240925114642;ref=;d=howtogethead.com;dst=1;et=1730596787483;tzo=-60;ogl=;ses=8234592d-2b45-4d63-9de2-42770218a36d;uht=2;fpan=1;fpa=P0-636697854-1730596786932;pbc=;cm=undefined;gdpr=0;mdl=
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
013042932688da7c3b9af64ecfffb3c3e8ef3aaa0881d57c192df167f1b2a9b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

strict-transport-security
max-age=86400
cache-control
private, no-cache, no-store, proxy-revalidate
pragma
no-cache
expires
Fri, 04 Aug 1978 12:00:00 GMT
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date
Sun, 03 Nov 2024 01:19:47 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
content-type
image/gif
of-final-47.mp4
oralfixation.s3.amazonaws.com/ 		956 KB
957 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://oralfixation.s3.amazonaws.com/of-final-47.mp4
Requested by
Host: www.howtogethead.com
URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.77.252 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2d5ee6a73ba8c23731ecd04d755fbb92856a9b1c3436a285bdd750aa68b91b2c

Request headers

Referer
https://www.howtogethead.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=36012032-

Response headers

ETag
"f8fa19d541404d9e936f74561b7b0271"
Content-Range
bytes 36012032-36991295/36991296
x-amz-request-id
YVF8X144CFSXWZG2
Accept-Ranges
bytes
Content-Length
979264
Date
Sun, 03 Nov 2024 01:19:48 GMT
Last-Modified
Tue, 27 Jan 2015 23:37:49 GMT
Content-Type
application/octet-stream
Server
AmazonS3
x-amz-id-2
gDfYnqIgBxVLblFptglpmGYFz6mUg3faIDDMEqzPuAFijim5CwYJJ6ryEQA5mWsgFIGiufxl+Mo=
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=1304503125&e=s&n=7013877745842514&aid=A48nKkJOEeS%2BYSIACyaB8g&amp=0&at=1&c=-1&ccp=0&cp=0&d=1&eb=0&ed=9&emi=xfxx4bll4bd9&i=0&lid=er7j9q17nzfi&lsa=set&mt=0&pbd=1&pbr=1&pgi=12il7jlriij0&ph=1&pid=gGHUIGsg&pii=0&pl=400&plc=1&pli=t5mnf31tbvpu&pp=html5&ppm=VOD&prc=1&ps=4&pss=1&pt=HowToGetHead.com%20%7C%20Discover%20The%20One%20Simple%20Trick%20That%20Makes%20Giving%20You%20A%20Blow%20Job%20Into%20Her%20New%20Favorite%20Hobby&pu=https%3A%2F%2Fwww.howtogethead.com%2F%3FhopId%3D6c3ed027-43fd-4b96-80ba-193084697bdc&pv=8.36.2&pyc=1&s=0&sdk=0&stc=1&stpe=0&tv=4.0.6&vb=1&vi=1&vl=90&wd=640&abm=0&cae=0&cct=0&ch=2&cdid=mediaspace&drm=0&ff=1820&fsm=0&l=4&mk=mp4&mu=https%3A%2F%2Foralfixation.s3.amazonaws.com%2Fof-final-47.mp4&pcp=0&pd=2&pdr=&plng=de-DE&pni=0&pr=2&q=32&qcr=initial%20choice&sp=0&strt=1820&tb=1793.9&tt=0&vd=1793&vh=400&vs=2&vw=640&sa=1730596788900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8200:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/

Response headers

via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
MNg2ITi1e6-3sLTl2DNhlqy6zO5pjkDeM_xyEYAb6ii5PjqN6s1PXQ==
date
Sun, 03 Nov 2024 01:19:49 GMT
x-amz-cf-pop
FRA2-C2
server
nginx
of-final-47.mp4
oralfixation.s3.amazonaws.com/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://oralfixation.s3.amazonaws.com/of-final-47.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.77.252 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.howtogethead.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=32768-

Response headers

ETag
"f8fa19d541404d9e936f74561b7b0271"
Content-Range
bytes 32768-36991295/36991296
x-amz-request-id
YVF8X144CFSXWZG2
Accept-Ranges
bytes
Content-Length
36958528
Date
Sun, 03 Nov 2024 01:19:48 GMT
Last-Modified
Tue, 27 Jan 2015 23:37:49 GMT
Content-Type
application/octet-stream
Server
AmazonS3
x-amz-id-2
gDfYnqIgBxVLblFptglpmGYFz6mUg3faIDDMEqzPuAFijim5CwYJJ6ryEQA5mWsgFIGiufxl+Mo=
video_card.png
www.howtogethead.com/images/ 		242 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.howtogethead.com/images/video_card.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.28.78.206 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.droffr.com
Software
Apache /
Resource Hash
658e5904e9aab0ec52f9eb2fb9a67de9cc3af4ce82c834941a6f206850f01ad2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc

Response headers

cache-control
public, must-revalidate, proxy-revalidate
expires
Tue, 03 Dec 2024 01:19:47 GMT
accept-ranges
bytes
content-length
247995
date
Sun, 03 Nov 2024 01:19:47 GMT
last-modified
Wed, 19 Apr 2017 19:06:00 GMT
vary
User-Agent
server
Apache
content-type
image/png
favicon.ico
www.howtogethead.com/ 		315 B
366 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.howtogethead.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.28.78.206 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.droffr.com
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc

Response headers

content-length
315
date
Sun, 03 Nov 2024 01:19:48 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
of-final-47.mp4
oralfixation.s3.amazonaws.com/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://oralfixation.s3.amazonaws.com/of-final-47.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.77.252 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.howtogethead.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=3388206-

Response headers

ETag
"f8fa19d541404d9e936f74561b7b0271"
Content-Range
bytes 3388206-36991295/36991296
x-amz-request-id
YVF8X144CFSXWZG2
Accept-Ranges
bytes
Content-Length
33603090
Date
Sun, 03 Nov 2024 01:19:48 GMT
Last-Modified
Tue, 27 Jan 2015 23:37:49 GMT
Content-Type
application/octet-stream
Server
AmazonS3
x-amz-id-2
gDfYnqIgBxVLblFptglpmGYFz6mUg3faIDDMEqzPuAFijim5CwYJJ6ryEQA5mWsgFIGiufxl+Mo=

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| jwDefaults object| webpackChunkjwplayer object| __core-js_shared__ object| core function| jwplayer function| Set_Cookie function| Get_Cookie function| fbq function| _fbq object| dataLayer number| hidetimelimit string| exitsplashmessage string| exitsplashpage string| exitsplashaudio function| addLoadEvent function| addClickEvent string| theDiv boolean| PreventExitSplash function| DisplayExitSplash object| a object| theBody function| disablelinksfunc function| StopExitImpactAudio function| disableformsfunc function| clearExitSplash function| allowExitSplash number| prepExit number| delayExit number| buttonstarttime function| showButton number| buttonshowtime number| checkMinutes object| _qevents function| quantserve function| __qc object| ezt object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| JSON3 function| cbtb object| gaplugins object| gaGlobal object| gaData

10 Cookies

Domain/Path Name / Value
.clickbank.net/ Name: q
Value: 01.A49679D15289E0ADEA56FC36B4224F4ADDDAE0A71E40BE5D2B232E8F2C61EAF8795778D673152926B105D241EFDD9DCC579B6B43
.aweber.com/ Name: __cf_bm
Value: D.VBfwWS8ZT3CL3Oa7tdImI4SJdmP5cPjM2wyJUURBo-1730596786-1.0.1.1-yh2lg5q2SzVMlebH_Wd4Fr1HckrtUdLnwlXml01V1tN8iUPpH4qTNhj9aUGbbWhawN46fyePnRrRZ4r0D0IrFQ
cbtb.clickbank.net/ Name: AWSALBCORS
Value: i8YPzPdvdZT+u+tsnQ9mPGAVwsFmpxAQzCmAXFOPigelFmucNt5KIQhBEXPsY0R+74Vi9Blas53v2Ege9Mc1ox+nt9KEv+ef9ohxaZIN1I8EMAGnhUUmnU+QRntq
www.howtogethead.com/ Name: watched
Value: 1
.howtogethead.com/ Name: _fbp
Value: fb.1.1730596787063.446415987974152733
.howtogethead.com/ Name: _ga
Value: GA1.2.1198354133.1730596787
.howtogethead.com/ Name: _gid
Value: GA1.2.675738977.1730596787
.howtogethead.com/ Name: _dc_gtm_UA-52387645-1
Value: 1
.howtogethead.com/ Name: _ga_3VTPR3DZHX
Value: GS1.2.1730596787.1.0.1730596787.0.0.0
.quantserve.com/ Name: mc
Value: 6726cfb3-7b456-821ab-ec887

3 Console Messages

Source Level URL
Text
security error URL: https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc(Line 405)
Message:
Mixed Content: The page at 'https://www.howtogethead.com/?hopId=6c3ed027-43fd-4b96-80ba-193084697bdc' was loaded over HTTPS, but requested an insecure frame 'http://pixel.fetchback.com/serve/fb/pdj?cat=&name=landing&sid=4890'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://www.howtogethead.com/css/images/footer.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.howtogethead.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b1e7do4z8n7gxin828m4oq4q1s.hop.clickbank.net
cbtb.clickbank.net
connect.facebook.net
content.jwplatform.com
forms.aweber.com
oralfixation.s3.amazonaws.com
pixel.quantserve.com
prd.jwpltx.com
prod.cbstatic.net
region1.google-analytics.com
rules.quantcount.com
seal-boise.bbb.org
secure.quantserve.com
ssl.p.jwpcdn.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.howtogethead.com
157.240.253.1
172.64.151.51
18.245.86.67
2001:4860:4802:32::36
2600:9000:211a:7a00:1:a3fa:7cc0:93a1
2600:9000:21f3:8200:1b:6b7c:c940:93a1
2600:9000:223c:ac00:6:44e3:f8c0:93a1
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:80b::200e
2a00:1450:4001:830::2008
2a00:1450:400c:c09::9a
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::626
35.167.152.209
50.28.78.206
52.216.77.252
54.149.76.248
68.70.204.1
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c
013042932688da7c3b9af64ecfffb3c3e8ef3aaa0881d57c192df167f1b2a9b9
04b720ff5d0fda3a91733a7caa7c8c974528bbeb828be4ae3a8ec1410fa04440
144b9148ceae6c36c88496e592e6a7a3fd39157c9e638155eb7acdf146a257eb
20133cc700841ec85f087ff9834a922b482b9135e98574a9afebade4c754558c
2480b0e815e72badeae95b3ea9bc8f83d9c08391fafbe6b87ea756b7f26448ac
2aada4c8754f77edeb5dcac88d5a9b58a0ff3c9ca14531b93e74f4a3acfa326a
2c3990ca6405924434f4c1f48429715901b1b79ccdfde169ca2fc8b1351d363d
2c47f6f8af2093c5dfde81d1cc46e4db4d7ae8579bdb8994ac240a04d1d311ee
2d5ee6a73ba8c23731ecd04d755fbb92856a9b1c3436a285bdd750aa68b91b2c
3088f0f23c03529cb96fb2d19ff1bfea19708bbbdfa3440775a6a3936a61871b
3c542a8f2ec8088d8f1226a01ac49f8d378a4e015d9dcc8b31de8a94464b38f3
3c55ca83995486c1ef97ada08273dbb7a913b987ba0c32c30dbb7afe12a10404
463f0ce8002a6099321101b5fba38ffd479e524467f96b1b47bf5f7f3d98be02
5513b606b6f9de200d9b0eebf21b8d8c8c5d1bfb5071ecbb56a47c1cef3b1fcc
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
658e5904e9aab0ec52f9eb2fb9a67de9cc3af4ce82c834941a6f206850f01ad2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7613ca478f6014e3cd321dfc7933d77360d7a35b44ee2535da812447b7590f15
780218bda13c8a2362d45ebec297989e456e2511e83aa574c1deeee9df6127fe
91261019c730a7939dcdb6208cfb6625b91fdd83b7c502cce32a75eac69e1aae
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af2f9abbfa966429908d69a1ef8a0afc6258d4d19db0123d3628d5a10e627230
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d5af929cda8707f78f37aadea4a8c8e9963fb89142e002325b47b9055bc2e004
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f
f837207ae833b125f8ccf7232825907d47e7761e9489504f55248d39c64e52c1
fe772d812f24d534422b917d90a038244614a6ed47db21bd79a5643ebe869087